The vulnerability of the start_read() function in the SoX audio processing program allows a hacker to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the startread function in the SoX sound processing program is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and even cause service...

SUSE CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

Heap-based Buffer Overflow

sox is vulnerable to heap-based buffer overflow. The vulnerability exists in the startread function in sphere.c because an attacker can use a specially-crafted file which can trigger this vulnerability...

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of the Sound Exchange sox library. A specially-crafted file can lead to a heap buffer overflow. This flaw allows an attacker to provide a malicious file to trigger this vulnerability...

DEBIAN-CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40426

A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2021-40426

CVE-2021-40426 is a heap-buffer-overflow in the sphere.c start_read() path of Sound Exchange SoX (libsox) 14.4.2 and the master commit 42b3557e. A specially crafted input file can trigger the overflow, with potential outcomes including crash or more severe impact as described in related advisorie...

Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...

CVE-2014-8145

Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1 startread or 2 AdpcmReadBlock function...

CVE-2014-8145

Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1 startread or 2 AdpcmReadBlock function...