CVE-2018-19857 — Access of Uninitialized Pointer in VLC Media Player

CWE-824 — Access of Uninitialized Pointer7 documents6 sources

Severity

9.1CRITICALNVD

EPSS

1.5%

top 18.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Videolan VLC Media Player Debian Linux

Timeline

PublishedDec 5

Latest updateMay 14

Description

The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

▶Debianvideolan/vlc_media_player< 3.0.4-4+3

▶Ubuntuvideolan/vlc_media_player< 3.0.7.1-0ubuntu18.04.1

▶NVDvideolan/vlc_media_player3.0.4

Also affects: Debian Linux 9.0

🔴Vulnerability Details

GHSA

GHSA-7g6v-cgr9-2355: The CAF demuxer in modules/demux/caf↗2022-05-14

▶

OSV

vlc vulnerabilities↗2019-07-25

▶

CVEList

CVE-2018-19857: The CAF demuxer in modules/demux/caf↗2018-12-05

▶

OSV

CVE-2018-19857: The CAF demuxer in modules/demux/caf↗2018-12-05

▶

📋Vendor Advisories

Ubuntu

VLC vulnerabilities↗2019-07-25

▶

Debian

CVE-2018-19857: vlc - The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may re...↗2018

▶