Arbitrary Code Execution

2021-02-0903:04:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

buffer overflow

segmentation fault

heap-based

unallocated memory block

libmysofa

EPSS

0.001

Percentile

42.3%

JSON

libmysofa.so is vulnerable to arbitrary code execution. The heap-based buffer overflow caused by a segmentation fault in loudness() in libmysofa/src/hrtf/tools.c allows arbitrary code execution through access to unallocated memory block.

References

github.com/hoene/libmysofa/commit/e4800923da7a6f44b4cb426af65dd16f2f0b5a56

github.com/hoene/libmysofa/issues/135

lists.fedoraproject.org/archives/list/[email protected]/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/

EPSS

0.001

Percentile

42.3%

JSON

Related for VERACODE:29302