Your submission was sent successfully! Close

CVE-2019-5459

Published: 30 July 2019

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

Notes

AuthorNote
ebarretto
It also affects faad2
Priority

Medium

CVSS 3 base score: 7.1

Status

Package Release Status
faad2
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
vlc
Launchpad, Ubuntu, Debian
bionic Not vulnerable

disco Not vulnerable

eoan Not vulnerable

focal Not vulnerable

groovy Not vulnerable

hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(code not present)
Patches:
upstream: https://github.com/videolan/vlc/commit/16d40d9f8a57b6bdd01b8ee0ecf5147547d5953c
upstream: https://github.com/videolan/vlc/commit/08587dfd0d35eebf9a4ac1509c746307c5cff8e4