Описание
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 5.1.0-2ubuntu1.2 |
| cosmic | released | 5.1.0-4ubuntu0.1 |
| devel | released | 5.1.0-5 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [4.70.0-1ubuntu0.2]] |
| esm-infra/bionic | released | 5.1.0-2ubuntu1.2 |
| esm-infra/xenial | released | 4.75.2-2ubuntu0.2 |
| precise/esm | DNE | |
| trusty | released | 4.70.0-1ubuntu0.2 |
| trusty/esm | DNE | trusty was released [4.70.0-1ubuntu0.2] |
| upstream | released | 5.1.0-5 |
Показывать по
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero.
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPac ...
4.3 Medium
CVSS2
5.5 Medium
CVSS3