aubio up to 0.4.8 Onset denial of service

Summaryinfo

A vulnerability marked as problematic has been reported in aubio up to 0.4.8. This affects an unknown part of the component Onset. This manipulation causes denial of service. This vulnerability is registered as CVE-2019-1010224. No exploit is available. It is recommended to apply a patch to fix this issue.

Detailsinfo

A vulnerability has been found in aubio up to 0.4.8 and classified as problematic. Affected by this vulnerability is an unknown code of the component Onset. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. The summary by CVE is:

aubio 0.4.8 and earlier is affected by: null pointer. The impact is: crash (DoS). The component is: onset. The fixed version is: after commit e4e0861cffbc8d3a53dcd18f9ae85797690d67c7.

The weakness was published 07/22/2019 (GitHub Repository). It is possible to read the advisory at github.com. This vulnerability is known as CVE-2019-1010224 since 03/20/2019. The technical details are unknown and an exploit is not publicly available.

Applying the patch e4e0861cffbc8d3a53dcd18f9ae85797690d67c7 is able to eliminate this problem.

Similar entries are available at VDB-138414 and VDB-138413. Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Name

• aubio

Version

• 0.4.0
• 0.4.1
• 0.4.2
• 0.4.3
• 0.4.4
• 0.4.5
• 0.4.6
• 0.4.7
• 0.4.8

License

• open-source

Website

• Product: https://github.com/aubio/aubio/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion