Astra Linux - уязвимость в sox

A heap buffer overflow vulnerability was discovered in sox, within the lsxreadbuf function at sox/src/formatsi.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure...

CVE-2023-32627

A floating point exception vulnerability was found in sox, in the readsamples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service...

CVE-2022-31651

A heap-based buffer overflow vulnerability exists in the inlsxaiffstartwrite.environment of the Sound Exchange sox library. A specially-crafted file can lead to a float point exception. This flaw allows an attacker to provide a malicious file to trigger this vulnerability...

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of the Sound Exchange sox library. A specially-crafted file can lead to a heap buffer overflow. This flaw allows an attacker to provide a malicious file to trigger this vulnerability...

CVE-2022-31651

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

AZL-43648 CVE-2022-31651 affecting package sox 14.4.2.0-34

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

UBUNTU-CVE-2021-3643

A flaw was found in sox 14.4.1. The lsxadpcminit function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information...

CVE-2019-1010004

An out-of-bounds read vulnerability was found in sox, due to insufficient validation of input data. An attacker could abuse this flaw by crafting a sound file that can cause the system to crash when read by sox or by an application using the sox library...

AZL-43765 CVE-2017-15371 affecting package sox for versions less than 14.4.2.0-33

There is a reachable assertion abort in the function soxappendcomment in formats.c in Sound eXchange SoX 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file...