FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-12-25 11:10:35 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
bf854a37-e180-11f0-ac0c-5404a68ad561	fluidsynth -- Use after free when using DLS files The fluidsynth authors report: A race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed memory, if the synthesizer is being concurrently destroyed, or samples of the (unloaded) DLS file are concurrently used to synthesize audio. Realistically, both scenarios will result in a denial of service. In worst cases, it may result in arbitrary code execution in the context of an application using FluidSynth. Discovery 2025-12-23 Entry 2025-12-25 fluidsynth < 2.5.2 CVE-2025-68617 https://www.cve.org/CVERecord?id=CVE-2025-68617

VuXML ID

Description

bf854a37-e180-11f0-ac0c-5404a68ad561

fluidsynth -- Use after free when using DLS files

The fluidsynth authors report:

A race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed memory, if the synthesizer is being concurrently destroyed, or samples of the (unloaded) DLS file are concurrently used to synthesize audio. Realistically, both scenarios will result in a denial of service. In worst cases, it may result in arbitrary code execution in the context of an application using FluidSynth.

Discovery 2025-12-23
Entry 2025-12-25
fluidsynth

< 2.5.2

CVE-2025-68617
https://www.cve.org/CVERecord?id=CVE-2025-68617