An issue exists in WavPack 5.1.0 and previous versions for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
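The size check described above, as an added example that is not WavPack's code or its actual patch: it contrasts a 32-bit size calculation that wraps with a widened, bounded one applied before `malloc`. The even-length rounding is an assumed form of the `bytes_to_copy` calculation (the page does not quote riff.c), and `MAX_UNKNOWN_CHUNK`, the function names and the sample chunks are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_UNKNOWN_CHUNK (1u << 20) /* assumed policy cap, not a WavPack constant */

/* Unchecked pattern: pad to even length in 32 bits, so 0xFFFFFFFF + 1 wraps to 0. */
static uint32_t padded_size_unchecked(uint32_t ck_size)
{
    return (ck_size + 1u) & ~1u;
}

/* Checked form: returns 0 and sets *out, or -1 when the chunk must be rejected. */
static int padded_size_checked(uint32_t ck_size, uint64_t bytes_left, size_t *out)
{
    uint64_t padded = ((uint64_t)ck_size + 1u) & ~(uint64_t)1; /* cannot wrap */
    if (ck_size > MAX_UNKNOWN_CHUNK || ck_size > bytes_left)
        return -1;
    if (padded > bytes_left) /* odd-sized final chunk without its pad byte */
        padded = ck_size;
    *out = (size_t)padded;
    return 0;
}

/* Copy the payload of the chunk whose 8-byte header (id, LE size) starts at off. */
static uint8_t *copy_unknown_chunk(const uint8_t *buf, size_t buf_len, size_t off, size_t *len)
{
    if (off > buf_len || buf_len - off < 8)
        return NULL;
    uint32_t ck_size = (uint32_t)buf[off + 4] | (uint32_t)buf[off + 5] << 8 |
                       (uint32_t)buf[off + 6] << 16 | (uint32_t)buf[off + 7] << 24;
    if (padded_size_checked(ck_size, buf_len - off - 8, len) != 0)
        return NULL;
    uint8_t *copy = malloc(*len ? *len : 1); /* never pass 0 to malloc */
    if (copy != NULL)
        memcpy(copy, buf + off + 8, *len);
    return copy;
}

/* Constructed inputs: a valid 3-byte chunk, and one claiming 0xFFFFFFFF bytes. */
static const uint8_t good_chunk[] = { 'L','I','S','T', 3,0,0,0, 'a','b','c',0 };
static const uint8_t huge_chunk[] = { 'j','u','n','k', 0xFF,0xFF,0xFF,0xFF, 'x','x' };

int main(void)
{
    size_t n = 0;
    uint8_t *p = copy_unknown_chunk(good_chunk, sizeof good_chunk, 0, &n);
    int ok = p && n == 4 && !copy_unknown_chunk(huge_chunk, sizeof huge_chunk, 0, &n);
    free(p);
    return (ok && padded_size_unchecked(0xFFFFFFFFu) == 0) ? 0 : 1;
}
```

The program exits 0 when the valid chunk is copied and the oversized one is rejected before any allocation is made.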
Vulnerable Product |
---|
wavpack wavpack |
debian debian linux 8.0 |
debian debian linux 9.0 |