[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#891638: libcdio: CVE-2017-18201: double free inget_cdtext_generic() in lib/driver/_cdio_generic.c.



In https://security-tracker.debian.org/tracker/CVE-2017-18201 it claims 0.83 is vulnerable, but I don't believe that this the case.

I think that bug was introduced in version 0.92.  There was a major change in 0.90 as to how CD-TEXT was handle (and in 0.90 there was memory that was not freed rather than double freed which started I think in 0.92). So I don't believe 0.83 should be marked as vulnerable.

On Tue, Feb 27, 2018 at 10:49 AM, Salvatore Bonaccorso <carnil@debian.org> wrote:
Source: libcdio
Version: 1.0.0-1
Severity: important
Tags: security upstream
Control: fixed -1 2.0.0-1

Hi,

the following vulnerability was published for libcdio.

CVE-2017-18201[0]:
| An issue was discovered in GNU libcdio before 2.0.0. There is a double
| free in get_cdtext_generic() in lib/driver/_cdio_generic.c.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-18201
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18201

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Reply to: