Errata ALT-PU-2024-6378-3: Information
Fixes
Published: Feb. 15, 2019
BDU:2019-02872
Уязвимость функции lsx_make_lpf (effect_i_dsp.c) аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.0) Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 15, 2019
BDU:2019-02873
Уязвимость функции channel_start (remix.c) аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 15, 2019
BDU:2019-02874
Уязвимость функции bitrv2 (fft4g.c) аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 15, 2019
BDU:2019-02875
Уязвимость функции lsx_make_lpf (effect_i_dsp.c) аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: June 28, 2019
BDU:2019-02928
Уязвимость функции startread библиотеки libsox.a аудиоредактора Sound eXchange (SoX), позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 30, 2017
BDU:2023-01648
Уязвимость функции read_samples компонента hcom.c программы обработки звука SoX, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 9, 2021
BDU:2023-01677
Уязвимость функции lsx_adpcm_init программы обработки звука SoX, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании
Severity: CRITICAL (9.1) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Links:
Published: Feb. 3, 2023
BDU:2023-01700
Уязвимость функции start_read() программы обработки звука SoX, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: Feb. 10, 2023
BDU:2023-01722
Уязвимость функции lsx_aiffstartwrite компонента aiff.c аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3) Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 10, 2023
BDU:2023-01723
Уязвимость функции rate_init компонента rate.c аудиоредактора Sound eXchange, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.3) Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 10, 2023
BDU:2023-05656
Уязвимость функции read_samples() программы обработки звука Sound eXchange (SoX), позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.2) Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Links:
Published: July 31, 2017
Modified: March 8, 2019
Modified: March 8, 2019
CVE-2017-11332
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 31, 2017
Modified: Feb. 7, 2023
Modified: Feb. 7, 2023
CVE-2017-11358
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
- http://seclists.org/fulldisclosure/2017/Jul/81
- 42398
- [debian-lts-announce] 20171130 [SECURITY] [DLA 1197-1] sox security update
- GLSA-201810-02
- [debian-lts-announce] 20190305 [SECURITY] [DLA 1705-1] sox security update
- [oss-security] 20230203 sox: patches for old vulnerabilities
- [oss-security] 20230204 Re: sox: patches for old vulnerabilities
- [oss-security] 20230205 Re: sox: patches for old vulnerabilities
- [oss-security] 20230206 Re: sox: patches for old vulnerabilities
Published: July 31, 2017
Modified: March 8, 2019
Modified: March 8, 2019
CVE-2017-11359
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 16, 2017
Modified: June 24, 2021
Modified: June 24, 2021
CVE-2017-15370
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 16, 2017
Modified: June 24, 2021
Modified: June 24, 2021
CVE-2017-15371
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 16, 2017
Modified: June 24, 2021
Modified: June 24, 2021
CVE-2017-15372
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Oct. 19, 2017
Modified: June 24, 2021
Modified: June 24, 2021
CVE-2017-15642
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 14, 2019
Modified: Feb. 10, 2023
Modified: Feb. 10, 2023
CVE-2019-13590
An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 16, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-8354
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
Severity: MEDIUM (5.0) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 16, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-8355
An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 16, 2019
Modified: Aug. 24, 2020
Modified: Aug. 24, 2020
CVE-2019-8356
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Feb. 16, 2019
Modified: May 28, 2019
Modified: May 28, 2019
CVE-2019-8357
An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
Severity: MEDIUM (5.5) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Aug. 25, 2022
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2021-23159
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: Aug. 25, 2022
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2021-33844
A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: May 2, 2022
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2021-3643
A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.
Severity: CRITICAL (9.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Links:
Published: April 14, 2022
Modified: Feb. 23, 2023
Modified: Feb. 23, 2023
CVE-2021-40426
A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Links:
Published: May 26, 2022
Modified: Feb. 23, 2023
Modified: Feb. 23, 2023
CVE-2022-31650
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: May 26, 2022
Modified: Feb. 23, 2023
Modified: Feb. 23, 2023
CVE-2022-31651
In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Links:
Published: July 10, 2023
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2023-32627
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links: