Published: 25/08/2022 Updated: 12/02/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

A floating point exception (divide-by-zero) issue exists in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sox project sox 14.4.2-7

Debian Bug report logs - #1010374 sox: CVE-2021-3643 CVE-2021-23210 Package: src:sox; Maintainer for src:sox is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 29 Apr 2022 20:42:01 UTC Severity: important Tags: security, upstream Fo ...

Multiple security issues were discovered in Sox, the Swiss Army knife of sound processing programs, which could result in denial of service or potentially the execution of arbitrary code if a malformed audio file is processed For the stable distribution (bullseye), these problems have been fixed in version 1442+git20190427-2+deb11u1 We recommen ...

One of the security fixes released as DSA 5356 introduced a regression in the processing of specific WAV files Updated sox packages are available to correct this issue For the stable distribution (bullseye), these problems have been fixed in version 1442+git20190427-2+deb11u2 We recommend that you upgrade your sox packages For the detailed se ...

A vulnerability was found in SoX, where a divide by zero exists in vocc:334, functon read_samples ...

CWE-369 https://sourceforge.net/p/sox/bugs/351/https://security.archlinux.org/CVE-2021-23210 https://bugzilla.redhat.com/show_bug.cgi?id=1975670 https://access.redhat.com/security/cve/CVE-2021-23210 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010374 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5356

CVE-2021-23210

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect