FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bchunk -- heap-based buffer overflow (with invalid free) and crash

Affected packages
1.2.0 <= bchunk <= 1.2.1


VuXML ID 8ba2819c-0e9d-11e8-83e7-485b3931c969
Discovery 2017-10-28
Entry 2018-02-13

Mitre reports:

bchunk 1.2.0 and 1.2.1 is vulnerable to a heap-based buffer overflow (with a resultant invalid free) and crash when processing a malformed CUE (.cue) file.


CVE Name CVE-2017-15954