Fedora 43 : musescore (2026-c571483404)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c571483404 advisory. Rebuilt with updated drwav to fix CVE-2026-29022. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 43 : easyrpg-player (2026-63c5e7d076)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-63c5e7d076 advisory. Rebuilt with updated drwav to fix CVE-2026-29022 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 43 : dr_libs (2026-d1d665c9d5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d1d665c9d5 advisory. drflac ======= v0.13.3 - 2026-01-17 -------------------- - Fix a compiler compatibility issue with some inlined assembly. - Fix a compilation warning. drmp3...

Fedora 44 : easyrpg-player (2026-f96e9bd006)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f96e9bd006 advisory. Rebuilt with updated drwav to fix CVE-2026-29022 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Fedora 44 : dr_libs (2026-c2889d2725)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c2889d2725 advisory. drflac ======= v0.13.3 - 2026-01-17 -------------------- - Fix a compiler compatibility issue with some inlined assembly. - Fix a compilation warning. drmp3...

CVE-2026-29022 mackron / dr_libs dr_wav.h Heap Buffer Overflow via WAV File

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

CVE-2026-29022

CVE-2026-29022 affects dr_libs/dr_wav.h up to version 0.14.4. The vulnerability is a heap buffer overflow in the function drwav__read_smpl_to_metadata_obj() , caused by a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2, allowing memory corruption via c...

CVE-2026-29022 mackron / dr_libs dr_wav.h Heap Buffer Overflow via WAV File

drlibs drwav.h version 0.14.4 and earlier fixed in commit 8a7258c contain a heap buffer overflow vulnerability in the drwavreadsmpltometadataobj function of drwav.h that allows memory corruption via crafted WAV files. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 a...

Fedora 43 : dr_libs (2025-894ea1b6a5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-894ea1b6a5 advisory. drflac v0.13.2 - 2025-12-02 - Improve robustness of the parsing of picture metadata to improve support for memory constrained embedded devices. - Fix a warni...

Fedora 36 : dr_libs (2023-9b87fb6b07)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-9b87fb6b07 advisory. Update to 4b3d078 drwav 0.13.8: fix a possible null-pointer dereference and a crash when loading files with badly-formed metadata. Tenable has extracted the...