MEDIUM5.5
fluidsynth is a software synthesizer based on the SoundFont 2 specifications. A use after free violation was discovered in fluidsynth, that can be triggered when loading an invalid SoundFont file.
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HReferences
- https://github.com/FluidSynth/fluidsynth/issues/808
- https://github.com/FluidSynth/fluidsynth/pull/810
- https://github.com/FluidSynth/fluidsynth/security/advisories/GHSA-6fcq-pxhc-jxc9
- https://lists.debian.org/debian-lts-announce/2021/06/msg00027.html
- https://github.com/FluidSynth/fluidsynth/issues/808
- https://github.com/FluidSynth/fluidsynth/pull/810
- https://github.com/FluidSynth/fluidsynth/security/advisories/GHSA-6fcq-pxhc-jxc9
- https://lists.debian.org/debian-lts-announce/2021/06/msg00027.html