USN-3241-1: audiofile vulnerabilities
- Canonical Ubuntu 14.04
Agostino Sarubbo discovered that audiofile incorrectly handled certain malformed audio files. If a user or automated system were tricked into processing a specially crafted audio file, a remote attacker could cause applications linked against audiofile to crash, leading to a denial of service, or possibly execute arbitrary code.
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry cflinuxfs2 prior to 1.111.0
OSS users are strongly encouraged to follow one of the mitigations below:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.111.0 or later.