Bugzilla – Bug 1092153
VUL-0: CVE-2018-10778: mp3gain: Read access violation inside the III_dequantize_sample function in mpglibDBL/layer3.c
Last modified: 2018-05-07 14:45:10 UTC
Read access violation in the III_dequantize_sample function in
mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause
a denial of service (application crash) or possibly have unspecified other
impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409.
Luigi, could you please have a look at this issue?
mp3gain from version 1.6.0 onwards no longer ships mpglibDBL but it relies on system libmpg123 instead.