17 matches found
TencentOS Server 3: wavpack (TSSA-2022:0061)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0061 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Rocky Linux 8 : wavpack (RLSA-2020:1581)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...
AlmaLinux 8 : wavpack (ALSA-2020:1581)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1581 advisory. - The function WavpackPackInit in packutils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service resource exhaustion...
Mageia: Security Advisory (MGASA-2019-0231)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : wavpack (CESA-2020:1581)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1581 advisory. - wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 - wawpack: Out-of-bounds read in WavpackVerifySingleBlock function lead...
[SECURITY] [DLA 2525-1] wavpack security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2525-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 15, 2021 https://wiki.debian.org/LTS -...
RLSA-2020:1581 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads ...
Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads ...
ALSA-2020:1581 Low: wavpack security update
WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Security Fixes: wawpack: Infinite loop in WavpackPackInit function lead to DoS CVE-2018-19840 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads ...
Fedora 30 : mingw-wavpack (2020-73274c9df4)
Security fixes for: CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 CVE-2018-19840 CVE-2018-19841 CVE-2019-11498 CVE-2019-1010315 CVE-2019-1010319 CVE-2019-1010317 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora 31 : mingw-wavpack (2020-e55567b6be)
Security fixes for: CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 CVE-2018-19840 CVE-2018-19841 CVE-2019-11498 CVE-2019-1010315 CVE-2019-1010319 CVE-2019-1010317 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Updated wavpack packages fix security vulnerabilities
Updated wavpack packages fixes security vulnerabilities: Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319...
Ubuntu 18.04 LTS : WavPack vulnerabilities (USN-4062-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4062-1 advisory. Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service...
Ubuntu: Security Advisory (USN-4062-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4062-1: WavPack vulnerabilities
Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319...
CVE-2019-1010315
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig dsdiff.c:282. The attack vector is: Maliciously crafted .wav file. The fixed...
CVE-2019-1010315
CVE-2019-1010315 affects WavPack 5.1 and earlier. The vulnerability is a CWE-369 divide-by-zero in ParseDsdiffHeaderConfig (dsdiff.c:282) when parsing a malicious .wav file, which can cause the application to crash. The attack vector is a crafted WAV file. The fixed version is the code commit htt...