Lucene search

wavpack -- multiple invalid memory reads

🗓️ 21 Jan 2017 00:00:00Reported by FreeBSDType

wavpack multiple invalid memory reads. Global buffer overread, heap out of bounds read

Reporter	Title	Published	Views	Family All 74
Fedora	[SECURITY] Fedora 25 Update: wavpack-5.1.0-1.fc25	2 Feb 201720:30	–	fedora
Fedora	[SECURITY] Fedora 24 Update: wavpack-5.1.0-1.fc24	4 Feb 201723:49	–	fedora
Fedora	[SECURITY] Fedora 24 Update: mingw-wavpack-5.1.0-1.fc24	20 Feb 201719:20	–	fedora
Fedora	[SECURITY] Fedora 25 Update: mingw-wavpack-5.1.0-1.fc25	20 Feb 201718:55	–	fedora
Tenable Nessus	SUSE SLED12 / SLES12 Security Update : wavpack (SUSE-SU-2018:0608-1)	6 Mar 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : wavpack (openSUSE-2018-227)	7 Mar 201800:00	–	nessus
Tenable Nessus	FreeBSD : wavpack -- multiple invalid memory reads (f1075415-f5e9-11e6-a4e2-5404a68ad561)	21 Feb 201700:00	–	nessus
Tenable Nessus	Fedora 24 : wavpack (2017-9d7f592a03)	6 Feb 201700:00	–	nessus
Tenable Nessus	SUSE SLES11 Security Update : wavpack (SUSE-SU-2018:0607-1)	6 Mar 201800:00	–	nessus
Tenable Nessus	Fedora 25 : wavpack (2017-ab4f51572f)	3 Feb 201700:00	–	nessus

Source	Link
github	www.github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc
openwall	www.openwall.com/lists/oss-security/2017/01/23/4

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	wavpack	5.1.0	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Jan 2017 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS24.3

CVSS35.5

EPSS0.00285

wavpack invalid memory reads unix heap out of bounds read buffer overread unreorder channels caff header.