Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-23159HistoryAug 25, 2022 - 8:15 p.m.
CVE-2021-23159
2022-08-2520:15:08
Debian Security Bug Tracker
security-tracker.debian.org
15
sox
vulnerability
heap-buffer-overflow
crafted file
application crash
unix
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
34.5%
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | sox | < 14.4.2+git20190427-3.2 | sox_14.4.2+git20190427-3.2_all.deb |
| Debian | 11 | all | sox | < 14.4.2+git20190427-2+deb11u1 | sox_14.4.2+git20190427-2+deb11u1_all.deb |
| Debian | 999 | all | sox | < 14.4.2+git20190427-3.2 | sox_14.4.2+git20190427-3.2_all.deb |
| Debian | 13 | all | sox | < 14.4.2+git20190427-3.2 | sox_14.4.2+git20190427-3.2_all.deb |
Related
ubuntucve
ubuntucve
veracode
veracode
Denial Of Service (DoS)
2022-08-26 01:55:35
cve
cve
CVE-2021-23159
2022-08-25 20:15:08
alpinelinux
alpinelinux
CVE-2021-23159
2022-08-25 20:15:08
cvelist
cvelist
CVE-2021-23159
2022-08-25 19:35:04
prion
prion
Heap overflow
2022-08-25 20:15:00
redhatcve
redhatcve
CVE-2021-23159
2021-06-24 07:57:24
nvd
nvd
CVE-2021-23159
2022-08-25 20:15:08
openvas
openvas
Debian: Security Advisory (DSA-5356-1)
2023-02-23 00:00:00
Ubuntu: Security Advisory (USN-5904-1)
2023-03-03 00:00:00
Ubuntu: Security Advisory (USN-5904-2)
2023-03-21 00:00:00
debian
debian
[SECURITY] [DSA 5356-1] sox security update
2023-02-20 19:08:52
[SECURITY] [DLA 3315-1] sox security update
2023-02-10 06:10:28
nessus
nessus
Debian DSA-5356-1 : sox - security update
2023-02-22 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : SoX vulnerabilities (USN-5904-1)
2023-03-02 00:00:00
openSUSE 15 Security Update : sox (openSUSE-SU-2023:0328-1)
2023-10-27 00:00:00
osv
osv
sox - security update
2023-02-20 00:00:00
sox vulnerabilities
2023-03-02 11:42:50
sox regression
2023-03-20 17:28:28
ubuntu
ubuntu
SoX regression
2023-03-20 00:00:00
SoX vulnerabilities
2023-03-02 00:00:00
mageia
mageia
Updated sox packages fix security vulnerability
2023-02-27 23:27:16
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
34.5%
Related for DEBIANCVE:CVE-2021-23159