Upgrade RHEL:8 kernel-rt-modules-extra to version 0:4.18.0-80.7.1.rt9.153.el8_0 or higher. This issue was patched in RHSA-2019:1971 .

NULL Pointer Dereference in kernel-rt-modules-extra | CVE-2019-11810

Threat Intelligence

0.5% (77^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Double Free vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-UBUNTU1804-MP4V2-458903
published22 Jul 2018
disclosed13 Jul 2018

Report a new vulnerability Found a mistake?

Introduced: 13 Jul 2018

CVE-2018-14054 (opens in a new tab) CWE-415 (opens in a new tab)

How to fix?

There is no fixed version for Ubuntu:18.04 mp4v2.

NVD Description

Note: Versions mentioned in the description apply only to the upstream mp4v2 package and not the mp4v2 package as distributed by Ubuntu. See How to fix? for Ubuntu:18.04 relevant fixed versions and status.

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.

Double Free Affecting mp4v2 package, versions *

Severity