RLSA-2022:1968 Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: heap out-of-bounds read in src/flac.c in flacbuffercopy CVE-2021-4156 For more details about the security issues, including the impact, a CVSS score,...

Moderate: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: heap out-of-bounds read in src/flac.c in flacbuffercopy CVE-2021-4156 For more details about the security issues, including the impact, a CVSS score,...

Denial Of Service (DoS)

libsndfile is vulnerable to denial of service. A stack-based buffer overflow in the flacbuffercopy function in flac.c allows an attacker to crash the application using a malicious FLAC file, or potentially execute arbitrary code on the system...

Heap overflow

The flacbuffercopy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

CVE-2017-8362

The flacbuffercopy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service invalid read and application crash via a crafted audio file...

CVE-2017-8363

The flacbuffercopy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted audio file...

Code injection

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a segmentation violation with write memory access via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585...

CVE-2017-7741

CVE-2017-7741 affects libsndfile prior to 1.0.28. The flaw is in flac_buffer_copy() (flac.c) and can cause a segmentation fault with write memory access during a resample of a specially crafted FLAC file, similar to CVE-2017-7585. Connected sources confirm the vulnerability in libsndfile and reco...

Stack overflow

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...

UBUNTU-CVE-2017-7585

In libsndfile before 1.0.28, an error in the "flacbuffercopy" function flac.c can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file...