Your submission was sent successfully! Close

CVE-2018-19130

Published: 9 November 2018

** DISPUTED ** In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
libav
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

disco Does not exist

precise Does not exist

trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

xenial Does not exist