The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote malicious users to cause a denial of service (memory corruption) via a crafted MP3 file.
Debian Bug report logs -
#870608
CVE-2017-11548
Package:
src:libao;
Maintainer for src:libao is Ron Lee <ron@debianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 3 Aug 2017 11:15:01 UTC
Severity: important
Tags: security, upstream
Found in version libao/120-1
Reply or subscribe to this bu ...
libao memory corruption vulnerability
================
Author : qflbwu
===============
Introduction:
=============
Libao is a cross-platform audio library that allows programs to output audio using a simple API on a wide variety of platforms
Affected version:
=====
120
Vulnerability Description:
==========================
the _tokenize_ma ...