FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libsndfile -- multiple vulnerabilities

Affected packages
libsndfile <= 1.0.28
linux-c6-libsndfile <= 1.0.28
linux-c7-libsndfile <= 1.0.28

Details

VuXML ID 2b386075-1d9c-11e8-b6aa-4ccc6adda413
Discovery 2017-04-12
Entry 2018-03-01

Agostino Sarubbo, Gentoo reports:

CVE-2017-8361 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.

CVE-2017-8362 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

CVE-2017-8363 (Medium): The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

CVE-2017-8365 (Medium): The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

manxorist on Github reports:

CVE-2017-12562 (High): Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Xin-Jiang on Github reports:

CVE-2017-14634 (Medium): In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

References

CVE Name CVE-2017-12562
CVE Name CVE-2017-14634
CVE Name CVE-2017-8361
CVE Name CVE-2017-8362
CVE Name CVE-2017-8363
CVE Name CVE-2017-8365
URL https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/
URL https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
URL https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/
URL https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/
URL https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788
URL https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8
URL https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8
URL https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
URL https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
URL https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
URL https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
URL https://github.com/erikd/libsndfile/issues/230
URL https://github.com/erikd/libsndfile/issues/231
URL https://github.com/erikd/libsndfile/issues/232
URL https://github.com/erikd/libsndfile/issues/233
URL https://github.com/erikd/libsndfile/issues/292/
URL https://github.com/erikd/libsndfile/issues/318