Published: 18/07/2023 Updated: 02/08/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an malicious user to cause Denial of Service or other unspecified impacts.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libsndfile project libsndfile -

Debian Bug report logs - #1051891 libsndfile: CVE-2022-33065 Package: src:libsndfile; Maintainer for src:libsndfile is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 13 Sep 2023 21:15:04 UTC Severity: important Tags: security, upstream ...

Multiple signed integers overflow in function au_read_header in src/auc and in functions mat4_open and mat4_read_header in src/mat4c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts (CVE-2022-33065) ...

DescriptionLibsndfile is vulnerable to integer overflow in function au_read_header in src/auc and in functions mat4_open and mat4_read_header in src/mat4c allows an attacker to cause Denial of ServiceLibsndfile is vulnerable to integer overflow in function au_read_header in src/auc and in functions mat4_open and mat4_read_header in src/m ...

CWE-190 https://github.com/libsndfile/libsndfile/issues/833 https://github.com/libsndfile/libsndfile/issues/789 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051891 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2024-2404.html

CVE-2022-33065

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect