CVE-2018-7263

NameCVE-2018-7263
DescriptionThe mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. NOTE: this may overlap CVE-2017-11552.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Notes

Seems like a duplicate of CVE-2017-11552 relates to the issue raised in
https://bugs.debian.org/870608
https://bugzilla.suse.com/show_bug.cgi?id=1081784
MITRE stated, that "[...] However, if there are two different code
paths by which libmad is used incorrectly, and both code paths result
in "double free or corruption" errors, then we would represent this
with two CVEs."

Search for package or bug name: Reporting problems