5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
35.1%
A null pointer dereference bug was found in wavpack-5.4.0 The results from
the ASAN log: AddressSanitizer:DEADLYSIGNAL
===================================================================84257==ERROR:
AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6
bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a
WRITE memory access. ==84257==Hint: address points to the zero page. #0
0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in
__libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2
0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer
can not provide additional info. SUMMARY: AddressSanitizer: SEGV
cli/wvunpack.c:834 in main ==84257==ABORTING
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | wavpack | <Â any | UNKNOWN |
ubuntu | 20.04 | noarch | wavpack | <Â any | UNKNOWN |
ubuntu | 22.04 | noarch | wavpack | <Â any | UNKNOWN |
ubuntu | 23.10 | noarch | wavpack | <Â any | UNKNOWN |
ubuntu | 16.04 | noarch | wavpack | <Â 4.75.2-2ubuntu0.2+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
35.1%