15 matches found
CVE-2019-16092
CVE-2019-16092 concerns a NULL pointer dereference in libmysofa’s hrtf/reader.c by function getHrtf, affecting the 0.7 release of Symonics libmysofa. The issue yields a high/severe impact profile with CVSS metrics indicating possible high impact on confidentiality, integrity, and availability (C:...
CVE-2019-16094
Summary: CVE-2019-16094 affects libmysofa. The issue is an invalid read in readOHDRHeaderMessageDataLayout within hdf/dataobject.c. This vulnerability is referenced across multiple advisories (Ubuntu USN-4473-1, OpenSUSE SEC updates) and is associated with the 0.9.1 release that fixes a set of se...
CVE-2019-16093
CVE-2019-16093 concerns the libmysofa library (Symonics) with an invalid write in readOHDRHeaderMessageDataLayout within hdf/dataobject.c. Connected OpenSUSE/OpenUSVE entries confirm the issue existed in libmysofa prior to version 0.9.1 and document a remediation: upgrade to version 0.9.1. The Ub...
CVE-2019-16091
CVE-2019-16091 affects libmysofa 0.7 with an out-of-bounds read in directblockRead (hdf/fractalhead.c). This is fixed in libmysofa v0.9.1 (openSUSE security advisories OSV-2021:0444-1, SU-2021:0459-1) and included in Ubuntu USN-4473-1 as part of a batch of fixes for multiple CVEs. The CVSS vector...
CVE-2019-16095
CVE-2019-16095 affects Symonics libmysofa 0.7, with an invalid read in getDimension (hrtf/reader.c). Documented impact per CVSS: base 7.5 (HIGH), network attack, no user interaction, and partial confidentiality impact. Connected advisories indicate fixes in libmysofa 0.9.1 (openSUSE/SUSE updates)...
CVE-2020-6860
CVE-2020-6860 affects libmysofa 0.9.1 and involves a stack-based buffer overflow in readDataVar within hdf/dataobject.c while reading a header message attribute. Multiple security advisories (openSUSE, Fedora/EUVD/Nessus-like findings) corroborate the issue and route mitigation to updating to a f...
CVE-2019-20016
CVE-2019-20016 affects libmysofa. Multiple connected sources confirm the issue arises from insufficient restriction of recursive function calls, demonstrated by stack consumption in readOHDRHeaderMessageDatatype (dataobject.c) and directblockRead (fractalhead.c). The vulnerability is addressed in...
CVE-2019-20063
CVE-2019-20063 affects libmysofa prior to version 0.8, caused by an uninitialized use of memory in hdf/dataobject.c, demonstrated by mysofa2json. Several advisories confirm the issue and list it among CVEs fixed by updating to libmysofa 0.9.1 (openSUSE SU-2021-444/OSV entries; openSUSE backports)...
CVE-2020-36151
CVE-2020-36151 affects libmysofa (versions 0.5–1.1). The root cause is incorrect handling of input data in mysofa_resampler_reset_mem, leading to a heap buffer overflow that can overwrite large blocks of memory. Connected advisories confirm fixes in libmysofa 0.9.1 via openSUSE/SUSE security upda...
CVE-2020-36149
CVE-2020-36149 concerns libmysofa (versions 0.5–1.1) where incorrect handling of input data in changeAttribute can cause a NULL pointer dereference and segmentation fault, especially under memory-restricted or embedded environments. Connected advisories confirm the root cause in changeAttribute (...
CVE-2020-36148
CVE-2020-36148 affects the libmysofa library (versions 0.5–1.1). The issue is an incorrect handling of input data in verifyAttribute, which can cause a NULL pointer dereference and segmentation fault under restricted memory protection, or a near-NULL overwrite when memory is unrestricted (e.g., e...
CVE-2020-36150
CVE-2020-36150 affects libmysofa 0.5–1.1, caused by incorrect input handling in the loudness function, leading to a heap buffer overflow and access to unallocated memory. Connected advisories confirm this CVE alongside multiple related fixes; openSUSE/SUSE advisories update libmysofa to 0.9.1 to ...
CVE-2020-36152
CVE-2020-36152 is a buffer overflow in readDataVar() of hdf/dataobject.c in Symonics libmysofa (versions 0.5–1.1). The vulnerability could allow arbitrary code execution when parsing a crafted SOFA file. Public docs identify this CVE across multiple distributions and advisories, with remediation ...
CVE-2021-3756
CVE-2021-3756 affects the libmysofa library (as referenced across connected documents, including NVD and related advisories). The available details confirm a heap-based buffer overflow vulnerability in libmysofa. The connected sources do not specify affected versions, root cause specifics beyond ...
CVE-2019-10672
CVE-2019-10672 affects libmysofa prior to 0.7, where the function treeRead in hdf/btree.c does not properly validate multiplications and additions. This can lead to instability/crashes when processing certain inputs, as noted by multiple sources (e.g., USN-4033-1 for Ubuntu 18.04, Debian/OSV entr...