2 matches found
PT-2019-2904 · Sox +2 · Sox +2
Name of the Vulnerable Software and Affected Versions: SoX versions 14.4.2 Description: The issue is related to an integer overflow in the channels start function of the SoX audio editor, which can lead to a heap-based buffer overflow. This can be exploited by a remote attacker to cause a denial ...
UBUNTU-CVE-2019-8355
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channelsstart in remix.c...