Your submission was sent successfully! Close

CVE-2017-18198

Published: 24 February 2018

print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
libcdio
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1.0.0-2)
cosmic Not vulnerable
(1.0.0-2)
disco Not vulnerable
(1.0.0-2)
eoan Not vulnerable
(1.0.0-2)
focal Not vulnerable
(1.0.0-2)
groovy Not vulnerable
(1.0.0-2)
hirsute Not vulnerable
(1.0.0-2)
impish Not vulnerable
(1.0.0-2)
jammy Not vulnerable
(1.0.0-2)
precise Does not exist

trusty
Released (0.83-4.1ubuntu1+esm1)
upstream
Released (1.0.0, 1.0.0-1)
xenial
Released (0.83-4.2ubuntu1+esm1)
Patches:
upstream: http://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=b9ab2a9d36a216ba1b3a6b4ee465c3ee2b806ec6