
Debian Faad2 vulnerabilities

38 known vulnerabilities affecting debian/faad2.

Total CVEs: 38
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 11, MEDIUM 1, LOW 25

Vulnerabilities

Page 1 of 2
CVE-2023-38858 | LOW | CVSS 6.5 | 2023
CVE-2023-38858 [MEDIUM] faad2: Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2023-38857 | LOW | CVSS 5.5 | 2023
CVE-2023-38857 [MEDIUM] faad2: Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c.
Scope: local
bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2021-32278 | HIGH | CVSS 7.8 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32278 [HIGH] faad2: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed in 2
debian
CVE-2021-32274 | HIGH | CVSS 7.8 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32274 [HIGH] faad2: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed
debian
CVE-2021-32272 | HIGH | CVSS 7.8 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32272 [HIGH] faad2: An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed in 2.10.0-1)
debian
CVE-2021-32273 | HIGH | CVSS 7.8 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32273 [HIGH] faad2: An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed in 2.10.0-1)
debian
CVE-2021-32277 | HIGH | CVSS 7.8 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32277 [HIGH] faad2: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed i
debian
CVE-2021-32276 | MEDIUM | CVSS 5.5 | fixed in faad2 2.10.0-1 (bookworm) | 2021
CVE-2021-32276 [MEDIUM] faad2: An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service.
Scope: local
bookworm: resolved (fixed in 2.10.0-1); bullseye: resolved (fixed in 2.10.0-1); forky: resolved (fixed in 2.10.0-1); sid: resolved (fixed in 2.10.0-1); trixie: resolved (fixed
debian
CVE-2019-15296 | HIGH | CVSS 7.8 | fixed in faad2 2.8.8-3 (bookworm) | 2019
CVE-2019-15296 [HIGH] faad2: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The faad_resetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld->buffer_size - words*4, cast to uint32. If ld->buffer_size - words*4 is negative, a buffer overflow is later performed via getdword_n(&ld->start[words
debian
CVE-2019-6956 | HIGH | CVSS 7.1 | fixed in faad2 2.8.8-3.1 (bookworm) | 2019
CVE-2019-6956 [HIGH] faad2: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c.
Scope: local
bookworm: resolved (fixed in 2.8.8-3.1); bullseye: resolved (fixed in 2.8.8-3.1); forky: resolved (fixed in 2.8.8-3.1); sid: resolved (fixed in 2.8.8-3.1); trixie: resolved (fixed in 2.8.8-3.1)
debian
CVE-2018-20194 | HIGH | CVSS 7.8 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20194 [HIGH] faad2: There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max <= G case.
Scope: local
bookworm: res
debian
CVE-2018-19503 | HIGH | CVSS 7.8 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-19503 [HIGH] faad2: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bullseye: resolved (fixed in 2.8.8-2); forky: resolved (fixed in 2.8.8-2); sid: resolved (fixed in 2.8.8-2); trixie: resolved (fixed in 2.8.8-2)
debian
CVE-2018-19502 | HIGH | CVSS 7.8 | fixed in faad2 2.8.8-3 (bookworm) | 2018
CVE-2018-19502 [HIGH] faad2: An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
Scope: local
bookworm: resolved (fixed in 2.8.8-3); bullseye: resolved (fixed in 2.8.8-3); forky: resolved (fixed in 2.8.8-3); sid: resolved (fixed in 2.8.8-3); trixie: resolved (fixed in 2.8.8-3)
debian
CVE-2018-20197 | HIGH | CVSS 7.8 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20197 [HIGH] faad2: There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy level is mishandled for the G_max > G case.
Scope: local
bookworm: reso
debian
CVE-2018-20357 | LOW | CVSS 5.5 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20357 [MEDIUM] faad2: A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bullseye: resolved (fixed in 2.8.8-2); forky: resolved (fixed in 2.8.8-2); sid: resolved (fixed in 2.8.8-2); trix
debian
CVE-2018-20196 | LOW | CVSS 7.8 | fixed in faad2 2.8.8-3.1 (bookworm) | 2018
CVE-2018-20196 [HIGH] faad2: There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because the S_M array is mishandled.
Scope: local
bookworm: resolved (fixed in 2.8.8-3.1); bullseye: resolved (fixed i
debian
CVE-2018-20362 | LOW | CVSS 5.5 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20362 [MEDIUM] faad2: A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bullseye: resolved (fixed in 2.8.8-
debian
CVE-2018-20195 | LOW | CVSS 5.5 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20195 [MEDIUM] faad2: A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bullseye: resolved (fixed in 2.8.8-2); forky: resolved (fixed in 2.8.8-2); sid: reso
debian
CVE-2018-20198 | LOW | CVSS 5.5 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20198 [MEDIUM] faad2: A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the LONG_START_SEQUENCE case.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bu
debian
CVE-2018-20359 | LOW | CVSS 5.5 | fixed in faad2 2.8.8-2 (bookworm) | 2018
CVE-2018-20359 [MEDIUM] faad2: An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Scope: local
bookworm: resolved (fixed in 2.8.8-2); bullseye: resolved (fixed in 2.8.8-2); forky: reso
debian