674 matches found
libsndfile: integer overflow in ima_reader_init()
A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...
Astra Linux - vulnerability in ffmpeg
There is a heap-based buffer overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/af_afade.c within crossfade_samples_fltp. This vulnerability may lead to memory corruption and other potential issues...
Astra Linux - vulnerability in sox
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: A buffer overflow in tcp_basertt has been fixed. Using sizeof(nv) or strlen(nv)+1 is correct...
Astra Linux - vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_count elements of type QtDemuxSample. The problem is that samples_count is read from the input file. If th...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: The issue related to the use of uninitialized data in insn_rw_emulate_bits() has been fixed. For Comedi INSN_READ and INSN_WRITE instructions on “digital” subdevices (subdevice types COMEDI_SUBD_DI, COMEDI_SUBD_DO, and COMEDI_SUBD_DIO),...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: The initialization of data for instructions that write to subdevices has been fixed. It is known that some Comedi subdevice instruction handlers access data elements beyond the first insn->n elements in some cases. The...
Astra Linux - vulnerability in linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: Make insn_rw_emulate_bits() handle insn->n samples. The insn_rw_emulate_bits() function is used as a default handler for INSN_READ instructions for sub-devices that have a handler for INSN_BITS but not for INSN_READ. Similarly, it is...
Astra Linux - vulnerability in sox
A floating-point exception (division by zero) issue was discovered in SoX within the read_samples function of the voc.c file. An attacker with a malicious file could cause the application to crash...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed a race condition when gathering fdinfo group samples. The commit e16635d88fa0 ("drm/panthor: add DRM fdinfo support") failed to protect access to groups using an xarray lock, which could lead to use-after-free...
Astra Linux - vulnerability in speex
A vulnerability involving division by zero in the static int read_samples function of Speex v1.2 allows attackers to cause a denial of service through a specially crafted WAV file...
Astra Linux - vulnerability in sox
A floating-point exception vulnerability was discovered in sox, within the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service...
Astra Linux - vulnerability in gst-plugins-good1.0
GStreamer is a library for constructing graphs of media-handling components. An out-of-bounds read has been detected in the function qtdemux_parse_samples within qtdemux.c. This issue occurs when the function qtdemux_parse_samples reads data beyond the boundaries of the stream->stco buffer. The...
CVE-2026-32738
A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF sequence file. This file, with samples_per_chunk=0, triggers an unsigned integer underflow, causing the library to map all samples t...
Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samples_per_chunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...
ALPINE-CVE-2026-32738
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor (m_last_sample = 0 + 0 - 1 = UINT32_MAX), mapping all samples to an empty...
CVE-2026-32738
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor (m_last_sample = 0 + 0 - 1 = UINT32_MAX), mapping all samples to an empty...
CVE-2026-32738 libheif has a Heap OOB Read/SEGV Crash via Zero samples_per_chunk
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor (m_last_sample = 0 + 0 - 1 = UINT32_MAX), mapping all samples to an empty...
EUVD-2026-30972
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor (m_last_sample = 0 + 0 - 1 = UINT32_MAX), mapping all samples to an empty...