Severity: High
Date : 2017-08-14
CVE-ID : CVE-2017-6827 CVE-2017-6828 CVE-2017-6829 CVE-2017-6830
CVE-2017-6831 CVE-2017-6832 CVE-2017-6833 CVE-2017-6834
CVE-2017-6835 CVE-2017-6836 CVE-2017-6837 CVE-2017-6838
CVE-2017-6839
Package : audiofile
Type : multiple issues
Remote : No
Link : https://security.archlinux.org/AVG-205
The package audiofile before version 0.3.6-4 is vulnerable to multiple
issues including arbitrary code execution, arbitrary command execution
and denial of service.
Upgrade to 0.3.6-4.
The problems have been fixed upstream but no release is available yet.
None.
Heap-based buffer overflow in msdapcmInitializeCoefficients
(msadcpcm.cpp) could lead to arbitrary code execution.
Heap-based buffer overflow in readValue (filehandle.cpp) could lead to
arbitrary code execution.
Global buffer overflow in decodesample (ima.cpp) that could lead to
arbitrary code execution
Heap-based buffer overflow in alaw2linear_buf that could lead to
arbitrary code execution.
Heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) that could
lead to arbitrary code execution.
Heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) that
could lead to arbitrary code execution.
Divide-by-zero triggers a crash in BlockCodec::runPull
(BlockCodec.cpp)
Heap-based buffer overflow in ulaw2linear_buf (G711.cpp)
Divide-by-zero triggers crash in BlockCodec::reset1 (BlockCodec.cpp)
audiofile: heap-based buffer overflow in Expand3To4Module::run
(SimpleModule.h)
Integer overflow triggering an assertion on the WAVE module using
sfconvert.
Integer overflow with the sfconvert command.
Integer overflow in sfconvert with the MSADPCM module.
An attacker can cause a denial of service, or execute arbitrary code or
command on the affected host via a crafted audio file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
https://security.archlinux.org/CVE-2017-6827
https://security.archlinux.org/CVE-2017-6828
https://security.archlinux.org/CVE-2017-6829
https://security.archlinux.org/CVE-2017-6830
https://security.archlinux.org/CVE-2017-6831
https://security.archlinux.org/CVE-2017-6832
https://security.archlinux.org/CVE-2017-6833
https://security.archlinux.org/CVE-2017-6834
https://security.archlinux.org/CVE-2017-6835
https://security.archlinux.org/CVE-2017-6836
https://security.archlinux.org/CVE-2017-6837
https://security.archlinux.org/CVE-2017-6838
https://security.archlinux.org/CVE-2017-6839
blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/
blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
security.archlinux.org/AVG-205
security.archlinux.org/CVE-2017-6827
security.archlinux.org/CVE-2017-6828
security.archlinux.org/CVE-2017-6829
security.archlinux.org/CVE-2017-6830
security.archlinux.org/CVE-2017-6831
security.archlinux.org/CVE-2017-6832
security.archlinux.org/CVE-2017-6833
security.archlinux.org/CVE-2017-6834
security.archlinux.org/CVE-2017-6835
security.archlinux.org/CVE-2017-6836
security.archlinux.org/CVE-2017-6837
security.archlinux.org/CVE-2017-6838
security.archlinux.org/CVE-2017-6839