Описание
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| sox | fixed | 14.4.2+git20190427-3.2 | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1980626
Triggered by same reproducer as for CVE-2021-23210
https://sourceforge.net/p/sox/bugs/351/
https://www.openwall.com/lists/oss-security/2023/02/03/3
Связанные уязвимости
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
Уязвимость функции lsx_adpcm_init программы обработки звука SoX, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании