A NULL pointer dereference was discovered in icpredict of libfaad/icpredict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
{ "binaries": [ { "binary_name": "faad", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad2", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" } ] }
{ "binaries": [ { "binary_name": "faad", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad2", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" } ] }
{ "binaries": [ { "binary_name": "faad", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "libfaad2", "binary_version": "2.8.8-1ubuntu0.1~esm1" } ] }