In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability exists in the function mapping0forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbisanalysis().
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvorbis0a": "1.3.2-1.3ubuntu1.1", "libvorbisenc2-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbisfile3": "1.3.2-1.3ubuntu1.1", "libvorbis-dev-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbisfile3-dbgsym": "1.3.2-1.3ubuntu1.1", "libvorbis-dbg": "1.3.2-1.3ubuntu1.1", "libvorbis-dev": "1.3.2-1.3ubuntu1.1", "libvorbisenc2": "1.3.2-1.3ubuntu1.1", "libvorbis0a-dbgsym": "1.3.2-1.3ubuntu1.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvorbis0a": "1.3.5-3ubuntu0.1", "libvorbisenc2-dbgsym": "1.3.5-3ubuntu0.1", "libvorbisfile3": "1.3.5-3ubuntu0.1", "libvorbis-dev-dbgsym": "1.3.5-3ubuntu0.1", "libvorbisfile3-dbgsym": "1.3.5-3ubuntu0.1", "libvorbis-dbg": "1.3.5-3ubuntu0.1", "libvorbis-dev": "1.3.5-3ubuntu0.1", "libvorbisenc2": "1.3.5-3ubuntu0.1", "libvorbis0a-dbgsym": "1.3.5-3ubuntu0.1" } ] }