FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bchunk -- heap-based buffer overflow and crash

Affected packages
1.2.0 <= bchunk <= 1.2.1

Details

VuXML ID 1ec1c59b-0e98-11e8-83e7-485b3931c969
Discovery 2017-10-28
Entry 2018-02-13

Mitre reports:

bchunk 1.2.0 and 1.2.1 vulnerable to a heap-based buffer overflow and crash when processing a malformed CUE (.cue) file.

References

CVE Name CVE-2017-15953
URL https://nvd.nist.gov/vuln/detail/CVE-2017-15953