Vulnerability Description
An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor's two OPLDestroy calls, each of which frees TL_TABLE, SIN_TABLE, AMS_TABLE, and VIB_TABLE.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adplug Project | Adplug | 2.3.1 |
| Fedoraproject | Fedora | 32 |
Related Weaknesses (CWE)
References
- https://github.com/adplug/adplug/issues/67ExploitThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://github.com/adplug/adplug/issues/67ExploitThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
FAQ
What is CVE-2018-17825?
CVE-2018-17825 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor's two OPLDestroy calls, each of which frees TL_TABLE, ...
How severe is CVE-2018-17825?
CVE-2018-17825 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-17825?
Check the references section above for vendor advisories and patch information. Affected products include: Adplug Project Adplug, Fedoraproject Fedora.