Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in 1:8.0-0ubuntu3.14.
References
Link | Resource |
---|---|
https://ubuntu.com/USN-4519-1 | Third Party Advisory |
https://launchpad.net/bugs/1884738 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-11-18 19:15
Updated : 2020-12-16 07:08
NVD link : CVE-2020-15710
Mitre link : CVE-2020-15710
JSON object : View
CWE
CWE-415
Double Free
Products Affected
canonical
- ubuntu_linux
pulseaudio_project
- pulseaudio