DEBIAN-CVE-2018-19887

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2018-19887

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-19887.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2018-19887

Upstream

CVE-2018-19887

Published

2018-12-06T00:29:00Z

Modified

2025-09-18T06:19:14.713350Z

Summary

[none]

Details

An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case.

References

https://security-tracker.debian.org/tracker/CVE-2018-19887

Affected packages

Debian:11 / faac

Package

Name: faac
Purl: pkg:deb/debian/faac?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.30-1

Affected versions

1.*

1.28-5

1.28-6

1.28-7

1.28+cvs20150510-1

1.28+cvs20151130-1

1.29+git20170704-1

1.29.2-1

1.29.3+git20170724-1

1.29.7.2-1

1.29.7.4-1

1.29.7.7-1

1.29.9.2-1

1.29.9.2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / faac

Package

Name: faac
Purl: pkg:deb/debian/faac?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.30-1

Affected versions

1.*

1.28-5

1.28-6

1.28-7

1.28+cvs20150510-1

1.28+cvs20151130-1

1.29+git20170704-1

1.29.2-1

1.29.3+git20170724-1

1.29.7.2-1

1.29.7.4-1

1.29.7.7-1

1.29.9.2-1

1.29.9.2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / faac

Package

Name: faac
Purl: pkg:deb/debian/faac?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.30-1

Affected versions

1.*

1.28-5

1.28-6

1.28-7

1.28+cvs20150510-1

1.28+cvs20151130-1

1.29+git20170704-1

1.29.2-1

1.29.3+git20170724-1

1.29.7.2-1

1.29.7.4-1

1.29.7.7-1

1.29.9.2-1

1.29.9.2-2

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:14 / faac

Package

Name: faac
Purl: pkg:deb/debian/faac?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.30-1

Affected versions

1.*

1.28-5

1.28-6

1.28-7

1.28+cvs20150510-1

1.28+cvs20151130-1

1.29+git20170704-1

1.29.2-1

1.29.3+git20170724-1

1.29.7.2-1

1.29.7.4-1

1.29.7.7-1

1.29.9.2-1

1.29.9.2-2

Ecosystem specific

{
    "urgency": "unimportant"
}