CVE-2018-20357

Published: 12/22/2018 Last updated: 8/5/2024 Reserved: 12/22/2018

A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-faad faad

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 75dfcb758015c97e1accd6340691fca67d363bed

References (16)

https://github.com/knik0/faad2/issues/28
https://www.debian.org/security/2019/dsa-4522
https://seclists.org/bugtraq/2019/Sep/28
https://security.gentoo.org/glsa/202006-17
https://github.com/knik0/faad2/issues/28
https://www.debian.org/security/2019/dsa-4522
https://seclists.org/bugtraq/2019/Sep/28
https://security.gentoo.org/glsa/202006-17
https://github.com/knik0/faad2/issues/28
https://www.debian.org/security/2019/dsa-4522
https://seclists.org/bugtraq/2019/Sep/28
https://security.gentoo.org/glsa/202006-17
https://github.com/knik0/faad2/issues/28
https://www.debian.org/security/2019/dsa-4522
https://seclists.org/bugtraq/2019/Sep/28
https://security.gentoo.org/glsa/202006-17