Search CVE reports
41 – 50 of 134 results
Some fixes available 3 of 6
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
1 affected package
audiofile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
audiofile | — | Not affected | Not affected | Fixed |
** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue.
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | — | Ignored |
Some fixes available 4 of 5
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The...
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | Not affected | Fixed |
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
1 affected package
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
file | — | — | — | Fixed |
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which “chown -R” will be run.
1 affected package
opentmpfiles
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
opentmpfiles | Not in release | Not in release | Needs evaluation | Not in release |
Some fixes available 2 of 3
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | Not affected | Not affected |
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party “file” product. Versions before 5.31 allow remote attackers to cause a denial of service (application crash)...
1 affected package
file
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
file | — | — | — | — |
Some fixes available 4 of 6
In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | Not affected | Fixed |
Some fixes available 4 of 6
An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | Not affected | Fixed |
Some fixes available 4 of 6
An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
1 affected package
libsndfile
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libsndfile | — | — | Not affected | Fixed |