All errata/sisyphus/ALT-PU-2021-1825-1
ALT-PU-2021-1825-1

Package update libsndfile in branch sisyphus

Version1.0.31-alt1
Task#272065
Published2021-05-18
Max severityHIGH
Severity:

Closed issues (2)

BDU:2021-03899
HIGH8.8

Уязвимость функции msadpcm_decode_block библиотеки libsndfile, вызванная переполнением буфера, позволяющая нарушителю выполнить произвольный код

Published: 2021-08-04Modified: 2023-11-21
CVSS 3.xHIGH 8.8
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C
References
CVE-2021-3246
HIGH8.8

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

Published: 2021-07-20Modified: 2024-11-21
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References