Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-23159

Опубликовано: 25 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.

РелизСтатусПримечание
bionic

released

14.4.2-3ubuntu0.18.04.2
devel

not-affected

14.4.2+git20190427-5build1
esm-apps/bionic

released

14.4.2-3ubuntu0.18.04.2
esm-apps/focal

released

14.4.2+git20190427-2+deb11u1build0.20.04.1
esm-apps/jammy

released

14.4.2+git20190427-2+deb11u1build0.22.04.1
esm-apps/noble

not-affected

14.4.2+git20190427-4build4
esm-apps/xenial

released

14.4.1-5+deb8u4ubuntu0.1+esm1
esm-infra-legacy/trusty

released

14.4.1-3ubuntu1.1+esm2
focal

released

14.4.2+git20190427-2+deb11u1build0.20.04.1
jammy

released

14.4.2+git20190427-2+deb11u1build0.22.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 9%
0.00033
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-23159

CVSS3: 4
redhat
почти 5 лет назад

A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.

nvd логотип

CVE-2021-23159

CVSS3: 5.5
nvd
больше 3 лет назад

A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.

debian логотип

CVE-2021-23159

CVSS3: 5.5
debian
больше 3 лет назад

A vulnerability was found in SoX, where a heap-buffer-overflow occurs ...

github логотип

GHSA-c7w7-5cff-9ccj

CVSS3: 5.5
github
больше 3 лет назад

A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.

fstec логотип

BDU:2024-07291

CVSS3: 5.5
fstec
почти 5 лет назад

Уязвимость функции lsx_read_w_buf() компонента formats_i.c программы обработки звука SoX, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 9%
0.00033
Низкий

5.5 Medium

CVSS3