The fillbufferresample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "lame", "binary_version": "3.99.5+repack1-3ubuntu1+esm2" }, { "binary_name": "lame-dbgsym", "binary_version": "3.99.5+repack1-3ubuntu1+esm2" }, { "binary_name": "lame-doc", "binary_version": "3.99.5+repack1-3ubuntu1+esm2" }, { "binary_name": "libmp3lame-dev", "binary_version": "3.99.5+repack1-3ubuntu1+esm2" }, { "binary_name": "libmp3lame0", "binary_version": "3.99.5+repack1-3ubuntu1+esm2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "lame", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "lame-dbg", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "lame-dbgsym", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "lame-doc", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "libmp3lame-dev", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "libmp3lame-dev-dbgsym", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "libmp3lame0", "binary_version": "3.99.5+repack1-9build1" }, { "binary_name": "libmp3lame0-dbgsym", "binary_version": "3.99.5+repack1-9build1" } ] }