USN-3241-1: audiofile vulnerabilities

Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

Canonical Ubuntu 14.04

Description

Agostino Sarubbo discovered that audiofile incorrectly handled certain malformed audio files. If a user or automated system were tricked into processing a specially crafted audio file, a remote attacker could cause applications linked against audiofile to crash, leading to a denial of service, or possibly execute arbitrary code.

Affected Cloud Foundry Products and Versions

Severity is medium unless otherwise noted.

All versions of Cloud Foundry cflinuxfs2 prior to 1.111.0

Mitigation

OSS users are strongly encouraged to follow one of the mitigations below:

The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.111.0 or later.

References

USN-3241-1
CVE-2017-6827
CVE-2017-6828
CVE-2017-6829
CVE-2017-6830
CVE-2017-6831
CVE-2017-6832
CVE-2017-6833
CVE-2017-6834
CVE-2017-6835
CVE-2017-6836
CVE-2017-6837
CVE-2017-6838
CVE-2017-6839

USN-3241-1: audiofile vulnerabilities

USN-3241-1: audiofile vulnerabilities

Severity

Vendor

Versions Affected

Description

Affected Cloud Foundry Products and Versions

Mitigation

References

You Might Also Like

USN-4247-2: python-apt regression

USN-3235-1: libxml2 vulnerabilities

USN-4749-1: Linux kernel vulnerabilities

Sign up for the Cloud Foundry Newsletter today!

Sign up for the
Cloud Foundry Newsletter today!