Heap-based buffer overflow in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service

...

OPENSUSE-SU-2024:10640-1 audiofile-0.3.6-11.13 on GA media

These are all security issues fixed in the audiofile-0.3.6-11.13 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2020-18781

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert...

DEBIAN-CVE-2020-18781

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert...

AZL-7181 CVE-2017-6838 affecting package audiofile 0.3.6-27

Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

AZL-7172 CVE-2017-6829 affecting package audiofile 0.3.6-27

The decodeSample function in IMA.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

CVE-2017-6828

Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile aka libaudiofile and Audio File Library 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file...

UBUNTU-CVE-2017-6829

The decodeSample function in IMA.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...