Bugzilla – Bug 1082025
VUL-1: CVE-2018-7263 libmad: Double-free in the mad_decoder_run() function
Last modified: 2018-02-21 13:50:17 UTC
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b
allows remote attackers to cause a denial of service (SIGABRT because of double
free or corruption) or possibly have unspecified other impact via a crafted
file. NOTE: this may overlap CVE-2017-11552.
This is actually an issue in mpg321 and has already been assigned CVE-2017-11552. We don't ship mpg321, so it does not affect us.
*** Bug 1081784 has been marked as a duplicate of this bug. ***