Lucene search
Gentoo FoundationMGASA-2017-0168HistoryJun 12, 2017 - 10:42 a.m.
Updated libsndfile packages fix security vulnerabilities
2017-06-1210:42:23
Gentoo Foundation
advisories.mageia.org
15
0.004 Low
EPSS
Percentile
74.0%
A stack-based buffer overflow via a specially crafted FLAC file due to an error in the header_read() function (CVE-2017-7586). Several stack-based buffer overflows via a specially crafted FLAC file due to an error in the flac_buffer_copy() function (CVE-2017-7585, CVE-2017-7741, CVE-2017-7742). Global buffer overflow in flac_buffer_copy() (CVE-2017-8361). Invalid memory read in flac_buffer_copy() (CVE-2017-8362). Heap-based buffer overflow in flac_buffer_copy() (CVE-2017-8363). The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file (CVE-2017-8365).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | libsndfile | <Â 1.0.25-9.2 | libsndfile-1.0.25-9.2.mga5 |
Related
ubuntu
ubuntu
libsndfile vulnerabilities
2017-06-01 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : libsndfile vulnerabilities (USN-3306-1)
2017-06-02 00:00:00
openSUSE Security Update : libsndfile (openSUSE-2017-625)
2017-05-30 00:00:00
SUSE SLED12 / SLES12 Security Update : libsndfile (SUSE-SU-2017:1367-1)
2017-05-23 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:1236-1)
2021-06-09 00:00:00
Ubuntu: Security Advisory (USN-3306-1)
2017-06-02 00:00:00
Mageia: Security Advisory (MGASA-2017-0168)
2022-01-28 00:00:00
freebsd
freebsd
libsndfile -- multiple vulnerabilities
2017-04-07 00:00:00
libsndfile -- multiple vulnerabilities
2017-04-12 00:00:00
gentoo
gentoo
libsndfile: Multiple vulnerabilities
2017-07-08 00:00:00
libsndfile: Multiple vulnerabilities
2018-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: libsndfile-1.0.28-2.fc25
2017-06-12 21:42:34
[SECURITY] Fedora 26 Update: libsndfile-1.0.28-2.fc26
2017-06-09 20:25:15
[SECURITY] Fedora 24 Update: libsndfile-1.0.28-2.fc24
2017-06-15 08:23:07
osv
osv
libsndfile - security update
2017-05-28 00:00:00
CVE-2017-7742
2017-04-12 18:59:00
CVE-2017-7741
2017-04-12 18:59:00
debian
debian
[SECURITY] [DLA 956-1] libsndfile security update
2017-05-28 13:05:35
[SECURITY] [DLA 928-1] libsndfile security update
2017-04-29 19:33:02
[SECURITY] [DLA 1618-1] libsndfile security update
2018-12-26 08:42:45
cve
cve
alpinelinux
alpinelinux
prion
prion
cvelist
cvelist
debiancve
debiancve
ubuntucve
ubuntucve
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2020-05-10 23:23:53
Denial Of Service (DoS)
2020-05-10 23:23:51
Denial Of Service (DoS)
2020-05-10 23:27:14
rosalinux
rosalinux
Advisory ROSA-SA-2021-1890
2021-07-02 17:16:43
cbl_mariner
cbl_mariner
CVE-2017-8363 affecting package libsndfile 1.0.28-14
2021-04-07 00:22:54
CVE-2017-8362 affecting package libsndfile 1.0.28-14
2021-04-07 00:22:54
CVE-2017-8362 affecting package libsndfile 1.0.28-14
2021-04-07 00:22:54
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS
2021-01-29 14:20:22