logo
DATABASE RESOURCES PRICING ABOUT US

Amazon Linux 2 : libsndfile (ALAS-2021-1713)

Description

The version of libsndfile installed on the remote host is prior to 1.0.25-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1713 advisory. - A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file. (CVE-2021-3246) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related