Ubuntu Security Notice 5558-1 - Zhao Liang discovered that libcdio was not properly performing memory management operations when processing ISO files, which could result in a heap buffer overflow or in a NULL pointer dereference. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.
1d6a495bf2cef207e4a430fe621479724aa8eac3fc97c8aee7146d1c085ad4b5
Red Hat Security Advisory 2018-3246-01 - The libcdio library provides an interface for CD-ROM access. It can be used by applications that need OS-independent and device-independent access to CD-ROM devices. Issues addressed include a null pointer vulnerability.
3cad072a4e644ccf8cbd8f0e7191b58d932a2acebd8eb9bbed370e2c19d971a1