rpm package
opensuse/faad2&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/faad2&distro=openSUSE%20Tumbleweed
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15296 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Aug 21, 2019 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - | ||
| CVE-2019-6956 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Jan 25, 2019 | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c. | ||
| CVE-2018-20362 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 22, 2018 | A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case | ||
| CVE-2018-20359 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 22, 2018 | An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-20358 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 22, 2018 | An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||
| CVE-2018-20199 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 18, 2018 | A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandle | ||
| CVE-2018-20196 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 18, 2018 | There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mi | ||
| CVE-2018-20194 | — | < 2.11.2-2.1 | 2.11.2-2.1 | Dec 18, 2018 | There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the addit |
- CVE-2019-15296Aug 21, 2019affected < 2.11.2-2.1fixed 2.11.2-2.1
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size -
- CVE-2019-6956Jan 25, 2019affected < 2.11.2-2.1fixed 2.11.2-2.1
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
- CVE-2018-20362Dec 22, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case
- CVE-2018-20359Dec 22, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- CVE-2018-20358Dec 22, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
- CVE-2018-20199Dec 18, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandle
- CVE-2018-20196Dec 18, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mi
- CVE-2018-20194Dec 18, 2018affected < 2.11.2-2.1fixed 2.11.2-2.1
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the addit