libsndfile -- multiple vulnerabilities

2017-04-12T00:00:00
ID 2B386075-1D9C-11E8-B6AA-4CCC6ADDA413
Type freebsd
Reporter FreeBSD
Modified 2017-04-12T00:00:00

Description

Agostino Sarubbo, Gentoo reports:

CVE-2017-8361 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

CVE-2017-8362 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

CVE-2017-8363 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

CVE-2017-8365 (Medium): The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

manxorist on Github reports:

CVE-2017-12562 (High): Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Xin-Jiang on Github reports:

CVE-2017-14634 (Medium): In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.