Lucene search
Veracode Vulnerability DatabaseVERACODE:25099HistoryApr 29, 2020 - 2:42 a.m.
Privilege Escalation
2020-04-2902:42:49
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.002 Low
EPSS
Percentile
64.8%
libsndfile is vulnerable to privilege escalation. The vulnerability exists through a buffer over-read in the function i2alaw_array in alaw.c.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libsndfile | eq | 1.0.28__8.el8 | |
| libsndfile | eq | 1.0.25__11.el7 | |
| libsndfile:3.5 | eq | 1.0.28-r3 |
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
access.redhat.com/errata/RHSA-2020:1636
access.redhat.com/security/updates/classification/#moderate
github.com/erikd/libsndfile/issues/429
lists.debian.org/debian-lts-announce/2018/12/msg00016.html
lists.debian.org/debian-lts-announce/2020/10/msg00030.html
usn.ubuntu.com/4013-1/
Related
alpinelinux
alpinelinux
CVE-2018-19662
2018-11-29 08:29:00
redhat
redhat
(RHSA-2020:3922) Low: libsndfile security update
2020-09-29 07:43:54
(RHSA-2020:1636) Moderate: libsndfile security update
2020-04-28 08:59:15
nessus
nessus
EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2019-1590)
2019-05-29 00:00:00
Amazon Linux 2 : libsndfile (ALAS-2020-1529)
2020-10-28 00:00:00
Oracle Linux 7 : libsndfile (ELSA-2020-3922)
2020-10-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-19662 affecting package libsndfile 1.0.28-14
2021-04-07 00:22:54
CVE-2018-19662 affecting package libsndfile 1.0.28-14
2021-04-07 00:22:54
cve
cve
CVE-2018-19662
2018-11-29 08:29:00
centos
centos
libsndfile security update
2020-10-20 18:23:49
redhatcve
redhatcve
CVE-2018-19662
2018-12-14 20:49:20
osv
osv
CVE-2018-19662
2018-11-29 08:29:00
Moderate: libsndfile security update
2020-04-28 08:59:15
Moderate: libsndfile security update
2020-04-28 08:59:15
prion
prion
Buffer overflow
2018-11-29 08:29:00
amazon
amazon
Low: libsndfile
2020-10-22 18:18:00
openvas
openvas
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2019-1590)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2019-1591)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2020-1990)
2020-09-08 00:00:00
oraclelinux
oraclelinux
libsndfile security update
2020-10-06 00:00:00
libsndfile security update
2020-05-05 00:00:00
debiancve
debiancve
CVE-2018-19662
2018-11-29 08:29:00
nvd
nvd
CVE-2018-19662
2018-11-29 08:29:00
ubuntucve
ubuntucve
CVE-2018-19662
2018-11-29 00:00:00
cvelist
cvelist
CVE-2018-19662
2018-11-29 07:00:00
mageia
mageia
Updated libsndfile packages fix security vulnerabilities
2020-05-05 15:20:37
rocky
rocky
libsndfile security update
2020-04-28 08:59:15
almalinux
almalinux
Moderate: libsndfile security update
2020-04-28 08:59:15
debian
debian
[SECURITY] [DLA 2418-1] libsndfile security update
2020-10-29 16:00:20
[SECURITY] [DLA 1618-1] libsndfile security update
2018-12-26 08:42:22
ubuntu
ubuntu
libsndfile vulnerabilities
2019-06-10 00:00:00
libsndfile vulnerabilities
2021-01-26 00:00:00