Описание
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow flaw was found in libsndfile. This flaw allows an attacker to execute arbitrary code via a crafted WAV file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libsndfile | Out of support scope | ||
| Red Hat Enterprise Linux 9 | libsndfile | Not affected | ||
| Red Hat Enterprise Linux 7 | libsndfile | Fixed | RHSA-2021:3295 | 30.08.2021 |
| Red Hat Enterprise Linux 8 | libsndfile | Fixed | RHSA-2021:3253 | 24.08.2021 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | libsndfile | Fixed | RHSA-2021:3297 | 30.08.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | libsndfile | Fixed | RHSA-2021:3298 | 30.08.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsnd ...
EPSS
8.8 High
CVSS3