Arbitrary Code Execution

2021-02-0903:04:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

42.4%

JSON

libmysofa.so is vulnerable to arbitrary code execution. The heap-based buffer overflow caused by a segmentation fault in loudness() in libmysofa/src/hrtf/tools.c allows arbitrary code execution through access to unallocated memory block.

CPENameOperatorVersion
libmysofa.sole1.0.0-1.1-1.epel8.playground.x86_64.debug

CPE	Name	Operator	Version
	libmysofa.so	le	1.0.0-1.1-1.epel8.playground.x86_64.debug

References

github.com/hoene/libmysofa/commit/e4800923da7a6f44b4cb426af65dd16f2f0b5a56

github.com/hoene/libmysofa/issues/135

lists.fedoraproject.org/archives/list/[email protected]/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/

0.001 Low

EPSS

Percentile

42.4%

JSON

Related for VERACODE:29302