ubuntu · CVE-2017-11552

Quick triage

Priority: medium Published: 2017-08-01 13:29:00 UTC Updated: 2025-08-26 11:57:16 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-11552 medium priority: Ubuntu including 2 source packages (libmad, mpg321), 40 status rows across 21 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial, zesty): not-affected 32, ignored 3, needed 2, DNE 1, needs-triage 1, released 1.

Description:

mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.

cvelogic Threat Intelligence