AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. ">

Oval Definition:	oval:com.ubuntu.disco:def:2018210150000000
Revision Date: 2019-09-16 Version: 1 Title: CVE-2018-21015 on Ubuntu 19.04 (disco) - medium. Description: AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-21015 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information ccextractor package in disco is affected and may need fixing. OR gpac package in disco is affected and needs fixing.
BACK