CVE-2023-26590

2023-07-1018:15:10

Debian Security Bug Tracker

security-tracker.debian.org

sox

denial of service

vulnerability

unix

lsx_aiffstartwrite

cve-2023-26590

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

26.1%

JSON

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

OSVersionArchitecturePackageVersionFilename
Debian12allsox< 14.4.2+git20190427-3.1sox_14.4.2+git20190427-3.1_all.deb
Debian11allsox< 14.4.2+git20190427-2+deb11u1sox_14.4.2+git20190427-2+deb11u1_all.deb
Debian10allsox< 14.4.2+git20190427-1+deb10u1sox_14.4.2+git20190427-1+deb10u1_all.deb
Debian999allsox< 14.4.2+git20190427-3.1sox_14.4.2+git20190427-3.1_all.deb
Debian13allsox< 14.4.2+git20190427-3.1sox_14.4.2+git20190427-3.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	sox	< 14.4.2+git20190427-3.1	sox_14.4.2+git20190427-3.1_all.deb
Debian	11	all	sox	< 14.4.2+git20190427-2+deb11u1	sox_14.4.2+git20190427-2+deb11u1_all.deb
Debian	10	all	sox	< 14.4.2+git20190427-1+deb10u1	sox_14.4.2+git20190427-1+deb10u1_all.deb
Debian	999	all	sox	< 14.4.2+git20190427-3.1	sox_14.4.2+git20190427-3.1_all.deb
Debian	13	all	sox	< 14.4.2+git20190427-3.1	sox_14.4.2+git20190427-3.1_all.deb