First published: Thu Nov 19 2020(Updated: )
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in 1:8.0-0ubuntu3.14.
Credit: security@ubuntu.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu1 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu2 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.1 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.2 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.3 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.4 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.5 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.6 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.7 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.8 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.9 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.10 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.11 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu3.12 | |
Pulseaudio Project Pulseaudio | =1\-8.0-0ubuntu4 | |
Canonical Ubuntu Linux | =16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.