Lucene search
RedhatCVE-2023-26590HistoryJul 10, 2023 - 6:15 p.m.
CVE-2023-26590
2023-07-1018:15:10
CWE-1077
CWE-697
redhat
web.nvd.nist.gov
35
cve-2023-26590
floating point
exception
vulnerability
sox
denial of service
nvd
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
25.9%
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
Affected configurations
Node
sox_projectsoxMatch14.4.3
Node
fedoraprojectextra_packages_for_enterprise_linuxMatch8.0
ORfedoraprojectfedoraMatch38
ORredhatenterprise_linuxMatch6.0
ORredhatenterprise_linuxMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sox_project | sox | 14.4.3 | cpe:2.3:a:sox_project:sox:14.4.3:*:*:*:*:*:*:* |
| fedoraproject | extra_packages_for_enterprise_linux | 8.0 | cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:* |
| fedoraproject | fedora | 38 | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* |
| redhat | enterprise_linux | 6.0 | cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux | 7.0 | cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "sox",
"vendor": "n/a",
"defaultStatus": "affected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "sox",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "sox",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"product": "Fedora",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "sox",
"defaultStatus": "affected"
},
{
"product": "Extra Packages for Enterprise Linux",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "sox",
"defaultStatus": "affected"
}
]Related
veracode
veracode
Denial Of Service (DoS)
2023-07-13 08:33:04
nvd
nvd
CVE-2023-26590
2023-07-10 18:15:10
prion
prion
Design/Logic Flaw
2023-07-10 18:15:00
cvelist
cvelist
CVE-2023-26590 Floating point exception in src/aiff.c
2023-07-10 17:14:14
debiancve
debiancve
CVE-2023-26590
2023-07-10 18:15:10
ubuntucve
ubuntucve
CVE-2023-26590
2023-07-10 00:00:00
redhatcve
redhatcve
CVE-2023-26590
2023-06-06 07:55:16
nessus
nessus
Amazon Linux 2 : sox (ALAS-2023-2231)
2023-09-08 00:00:00
RHEL 6 : sox (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : sox (Unpatched Vulnerability)
2024-05-11 00:00:00
amazon
amazon
Medium: sox
2023-08-31 22:29:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
25.9%
Related for CVE-2023-26590