Описание
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 14.4.2-3ubuntu0.18.04.1 |
| cosmic | ignored | end of life |
| devel | released | 14.4.2+git20190427-1 |
| disco | released | 14.4.2-3ubuntu0.19.04.1 |
| eoan | released | 14.4.2+git20190427-1 |
| esm-apps/bionic | released | 14.4.2-3ubuntu0.18.04.1 |
| esm-apps/focal | released | 14.4.2+git20190427-1 |
| esm-apps/jammy | released | 14.4.2+git20190427-1 |
| esm-apps/xenial | released | 14.4.1-5+deb8u4ubuntu0.1 |
| esm-infra-legacy/trusty | released | 14.4.1-3ubuntu1.1+esm1 |
Показывать по
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
Уязвимость функции channel_start (remix.c) аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2
5.5 Medium
CVSS3