Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-20196

There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.

Related bugs and status

CVE-2018-20196 (Candidate) is related to these bugs:

Bug #1970961: Version in Bionic has multiple vulnerabilities

Summary				In	Importance	Status
	1970961	Version in Bionic has multiple vulnerabilities		faad2 (Ubuntu)	Undecided	In Progress

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/kni...
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202006-17
DEBIAN: DSA-5109