GNU libcdio vulnerabilities
5 known vulnerabilities affecting gnu/libcdio.
Total CVEs: 5
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 2
Vulnerabilities
CVE-2024-36600 | HIGH | CVSS 8.4 | CWE-121 | ≥ 2.2.0, < 2.3.0 | 2024-06-14
Buffer Overflow Vulnerability in libcdio 2.2.0 (fixed in 2.3.0) allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.
nvd
CVE-2017-18201 | CRITICAL | CVSS 9.8 | CWE-415 | fixed in 2.0.0 | 2018-02-26
An issue was discovered in GNU libcdio before 2.0.0. There is a double free in get_cdtext_generic() in lib/driver/_cdio_generic.c.
nvd
CVE-2017-18198 | HIGH | CVSS 8.8 | CWE-125 | fixed in 1.0.0 | 2018-02-24
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file.
nvd
CVE-2017-18199 | MEDIUM | CVSS 6.5 | CWE-476 | fixed in 1.0.0 | 2018-02-24
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
nvd
CVE-2007-6613 | MEDIUM | CVSS 5.0 | PoC | CWE-119 | ≤ 0.79 | 2008-01-03
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long Joliet file name.
nvd