FreeBSD2B386075-1D9C-11E8-B6AA-4CCC6ADDA413libsndfile -- multiple vulnerabilities
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
77.5%
Agostino Sarubbo, Gentoo reports:
CVE-2017-8361 (Medium): The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer overflow and application crash) or possibly have unspecified
other impact via a crafted audio file.
CVE-2017-8362 (Medium): The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(invalid read and application crash) via a crafted audio file.
CVE-2017-8363 (Medium): The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted audio
file.
CVE-2017-8365 (Medium): The i2les_array function in pcm.c in libsndfile
1.0.28 allows remote attackers to cause a denial of service (buffer
over-read and application crash) via a crafted audio file.
manxorist on Github reports:
CVE-2017-12562 (High): Heap-based Buffer Overflow in the
psf_binheader_writef function in common.c in libsndfile through
1.0.28 allows remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact.
Xin-Jiang on Github reports:
CVE-2017-14634 (Medium): In libsndfile 1.0.28, a divide-by-zero
error exists in the function double64_init() in double64.c, which
may lead to DoS when playing a crafted audio file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | libsndfile | < 1.0.28_2 | UNKNOWN |
| FreeBSD | any | noarch | linux-c6-libsndfile | < 1.0.28_2 | UNKNOWN |
| FreeBSD | any | noarch | linux-c7-libsndfile | < 1.0.28_2 | UNKNOWN |
References
blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8
github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8
github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
github.com/erikd/libsndfile/issues/230
github.com/erikd/libsndfile/issues/231
github.com/erikd/libsndfile/issues/232
github.com/erikd/libsndfile/issues/233
github.com/erikd/libsndfile/issues/292/
github.com/erikd/libsndfile/issues/318
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
77.5%