Описание
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
A flaw was found in the libsndfile library. A buffer overflow can be triggered when a specially crafted IRCAM audio file is processed, specifically when attempting to set the sample rate. This issue can cause a crash to the application linked to the library and result in a denial of service.
Отчет
To exploit this flaw, an attacker needs to be able to process a specially crafted IRCAM audio file with the application linked to the libsndfile library. Additionally, this issue can cause memory corruption, but the most likely impact is an application crash via a SIGILL signal due to an illegal instruction. Due to these reasons, this vulnerability has been rated with a Moderate severity.
Меры по смягчению последствий
Do not process untrusted IRCAM audio files with the libsndfile library.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libsndfile | Not affected | ||
| Red Hat Enterprise Linux 6 | libsndfile | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libsndfile | Not affected | ||
| Red Hat Enterprise Linux 8 | libsndfile | Not affected | ||
| Red Hat Enterprise Linux 9 | libsndfile | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
8.2 High
CVSS3
Связанные уязвимости
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and ...
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
EPSS
8.2 High
CVSS3