CVE-2021-3246

Опубликовано: 20 июл. 2021

Источник: debian

EPSS Низкий

Описание

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

Пакет	Статус	Версия исправления	Релиз	Тип
libsndfile	fixed	1.0.31-2		package

https://github.com/libsndfile/libsndfile/issues/687
https://github.com/libsndfile/libsndfile/commit/deb669ee8be55a94565f6f8a6b60890c2e7c6f32

EPSS

Процентиль: 74%

0.00806

Низкий

CVE-2021-3246

CVSS3: 8.8

ubuntu

больше 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVE-2021-3246

CVSS3: 8.8

redhat

больше 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

CVE-2021-3246

CVSS3: 8.8

nvd

больше 4 лет назад

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

SUSE-SU-2021:14769-1

suse-cvrf

больше 4 лет назад

Security update for libsndfile

RLSA-2021:3253

rocky

больше 4 лет назад

Important: libsndfile security update

EPSS

Процентиль: 74%

0.00806

Низкий