MGASA-2018-0061

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0061.html

Import Source

https://advisories.mageia.org/MGASA-2018-0061.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2018-0061

Related

Published

2018-01-04T16:48:42Z

Modified

2018-01-04T16:36:49Z

Summary

Updated wildmidi packages fix security vulnerabilities

Details

The WMSetupMidiEvent function in internal_midi.c:2318 in WildMIDI before 0.4.2 can cause a denial of service(invalid memory read and application crash) via a crafted mid file (CVE-2017-11661).

The WMParseNewMidi function in f_midi.c in WildMIDI before 0.4.2 can cause a denial of service(invalid memory read and application crash) via a crafted mid file (CVE-2017-11662).

The WMSetupMidiEvent function in internal_midi.c:2315 in WildMIDI before 0.4.2 can cause a denial of service(invalid memory read and application crash) via a crafted mid file (CVE-2017-11663).

The WMSetupMidiEvent function in internal_midi.c:2122 in WildMIDI before 0.4.2 can cause a denial of service(invalid memory read and application crash) via a crafted mid file (CVE-2017-11664).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2018-0061

Affected packages