CVE-2017-13741

Publication date 29 August 2017

Last updated 25 August 2025

Ubuntu priority

Negligible

Why this priority?

Cvss 3 Severity Score

6.5 · Medium

Score breakdown

Description

There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.

Read the notes from the security team

Status

Package Ubuntu Release Status
liblouis 17.04 zesty Ignored
16.04 LTS xenial Ignored
14.04 LTS trusty Not in release

Notes

ratliff

POC does not crash without ASAN, just errors out

leosilva

changing for ignored since it's ASAN issue

Severity score breakdown

CVSS version: CVSS v3.0

Base score 6.5 · Medium

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Other references

Access our resources on patching vulnerabilities