Описание
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 5.1.0-2ubuntu1.2 |
| cosmic | released | 5.1.0-4ubuntu0.1 |
| devel | released | 5.1.0-5 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| esm-infra/bionic | not-affected | 5.1.0-2ubuntu1.2 |
| esm-infra/xenial | not-affected | code not present |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | released | 5.1.0-5 |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack.
Уязвимость функции WavpackVerifySingleBlock компонента open_utils.c аудиокодека WavPack, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3