Oval Definition:oval:org.opensuse.security:def:20179870
Revision Date:2021-10-24Version:1
Title:CVE-2017-9870
Description:

The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file that is mishandled in the code for the "block_type == 2" case, a similar issue to CVE-2017-11126.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-9870
openSUSE-SU-2018:0543-1
openSUSE-SU-2018:0544-1
Mitre CVE-2017-9870
SUSE CVE-2017-9870
openSUSE-SU-2018:0543-1
openSUSE-SU-2018:0544-1
Platform(s):openSUSE Leap 42.3
SUSE Linux Enterprise High Performance Computing 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • lame-3.100-7 is installed
  • AND lame is signed with openSUSE key
  • OR
  • lame-doc-3.100-7 is installed
  • AND lame-doc is signed with openSUSE key
  • OR
  • lame-mp3rtp-3.100-7 is installed
  • AND lame-mp3rtp is signed with openSUSE key
  • OR
  • libmp3lame-devel-3.100-7 is installed
  • AND libmp3lame-devel is signed with openSUSE key
  • OR
  • libmp3lame0-3.100-7 is installed
  • AND libmp3lame0 is signed with openSUSE key
  • OR
  • libmp3lame0-32bit-3.100-7 is installed
  • AND libmp3lame0-32bit is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP2 is installed
  • AND Package Information
  • lame-3.100-6 is installed
  • OR lame-doc-3.100-6 is installed
  • OR lame-mp3rtp-3.100-6 is installed
  • OR libmp3lame-devel-3.100-6 is installed
  • OR libmp3lame0-3.100-6 is installed
  • OR libmp3lame0-32bit-3.100-7 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP2 is installed
  • AND Package Information
  • lame-3.100-6.1 is installed
  • OR lame-doc-3.100-6.1 is installed
  • OR lame-mp3rtp-3.100-6.1 is installed
  • OR libmp3lame-devel-3.100-6.1 is installed
  • OR libmp3lame0-3.100-6.1 is installed
    • BACK