CVE-2017-15955

Published: 28 October 2017

bchunk (related to BinChunker) 1.2.0 and 1.2.1 is vulnerable to an "Access violation near NULL on destination operand" and crash when processing a malformed CUE (.cue) file.

Priority

Unknown

CVSS 3 base score: 5.5

Status

Package Release Status
bchunk
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1.2.0-12.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.2.0-12+deb8u1build0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.2.0-12+deb8u1build0.14.04.1])