The vorbisanalysiswrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libvorbis0a": "1.3.2-1.3ubuntu1.1", "libvorbisenc2-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbisfile3": "1.3.2-1.3ubuntu1.1", "libvorbis-dev-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbisfile3-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbis-dbg": "1.3.2-1.3ubuntu1.1", "libvorbis-dev": "1.3.2-1.3ubuntu1.1", "libvorbisenc2": "1.3.2-1.3ubuntu1.1", "libvorbis0a-dbgsym": "1.3.2-1.3ubuntu1.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libvorbis0a": "1.3.5-3ubuntu0.1", "libvorbisenc2-dbgsym": "1.3.5-3ubuntu0.1", "libvorbisfile3": "1.3.5-3ubuntu0.1", "libvorbis-dev-dbgsym": "1.3.5-3ubuntu0.1", "libvorbisfile3-dbgsym": "1.3.5-3ubuntu0.1", "libvorbis-dbg": "1.3.5-3ubuntu0.1", "libvorbis-dev": "1.3.5-3ubuntu0.1", "libvorbisenc2": "1.3.5-3ubuntu0.1", "libvorbis0a-dbgsym": "1.3.5-3ubuntu0.1" } ] }