37 matches found
CVE-2021-40426
A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40426
A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-40426
CVE-2021-40426 is a heap-buffer-overflow in the sphere.c start_read() path of Sound Exchange SoX (libsox) 14.4.2 and the master commit 42b3557e. A specially crafted input file can trigger the overflow, with potential outcomes including crash or more severe impact as described in related advisorie...
CVE-2021-40426
A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...
Sound Exchange libsox 缓冲区错误漏洞
Sound Exchange libsox is a library of sound sample file format readers/writers and sound processors organized by Sound Exchange. It was developed primarily for SoX use, but is useful for any sound application. A security vulnerability exists in Sound Exchange libsox version 14.4.2, which stems fr...
SoX 缓冲区错误漏洞
SoX is a set of open source audio processing tools. The product supports playing, converting and recording audio in multiple formats. A security vulnerability exists in SoX version 14.4.1, which stems from the lsxadpcminit function in libsox that causes a global buffer overflow...
The vulnerability of the `startread` function in the `libsox.a` library of the Sound Exchange (SoX) editor allows a attacker to cause a service failure.
The vulnerability of the startread function in sox-fmt.h of the libsox.a library, a part of the Sound Exchange SoX audio editor, is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...
CVE-2019-13590
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...
AZL-44592 CVE-2019-13590 affecting package sox 14.4.2.0-34
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...
DEBIAN-CVE-2019-13590
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...
UBUNTU-CVE-2019-13590
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...
SoX Input Validation Error Vulnerability
SoX is a set of open source audio processing tools. The product supports playing, converting and recording audio in many formats. An input validation error vulnerability exists in the libsox.a file in SoX version 14.4.2. The vulnerability originates from a network system or product that does not...
CVE-2019-13590
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fed into the lsxcalloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid...
CVE-2019-13590
CVE-2019-13590 affects SoX 14.4.2 in the library libsox.a. The issue is in sox-fmt.h startread: an integer addition overflow feeds into lsx_calloc, and when malloc returns NULL the code dereferences it in lsx_readbuf (formats_i.c), potentially crashing the app. Connected advisories reiter the roo...
Debian: Security Advisory (DLA-1808-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2021-7702 · Sox +4 · Sox +4
Name of the Vulnerable Software and Affected Versions: sox version 14.4.1 Description: A flaw in the lsx adpcm init function within libsox leads to a global-buffer-overflow. This issue allows an attacker to input a malicious file, resulting in the disclosure of sensitive information. The...