Description (from the source URL): The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.

References:
[1] https://nvd.nist.gov/vuln/detail/CVE-2017-9411
[2] https://nvd.nist.gov/vuln/detail/CVE-2017-9412

From [1]: The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.

From [2]: The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.

Bug tickets:
https://sourceforge.net/p/lame/bugs/461/
https://sourceforge.net/p/lame/bugs/462/
https://sourceforge.net/p/lame/bugs/463/
Package is a B and the DoS rates a 3. GLSA Vote: No. Cleanup will be handled in bug #634598