A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an malicious user to input a malicious file, leading to the disclosure of sensitive information. (CVE-2021-3643) In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. (CVE-2022-31650) In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. (CVE-2022-31651) A vulnerabilty was found in sox v14.4.3, Floating Point Exception vulnerability that exists in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This vulnerability could lead to security issues such as denial of service. (CVE-2023-26590) A vulnerabilty was found in sox v14.4.3, where floating point exception vulnerability that exists in the read_samples function at sox/src/voc.c:334:18. This vulnerability could lead to security issues such as denial of service. (CVE-2023-32627) A vulnerabilty was found in sox v14.4.3, heap-buffer-overflow vulnerability that exists in the startread function at sox/src/hcom.c:160:41. This vulnerability could lead to security issues such as denial of service, code execution, or information disclosure (CVE-2023-34318) A vulnerabilty was found in sox v14.4.3, heap-buffer-overflow vulnerability that exists in the lsx_readbuf function at sox/src/formats_i.c:98:16. This vulnerability could lead to security issues such as denial of service, code execution, or information disclosure. (CVE-2023-34432)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sox project sox 14.4.3 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 6.0 |
||
fedoraproject extra packages for enterprise linux 8.0 |
||
fedoraproject fedora 38 |