ALT-PU-2021-1825-1
Package libsndfile updated to version 1.0.31-alt1 for branch sisyphus in task 272065.
Closed vulnerabilities
Published: 2021-01-15
BDU:2021-03899
Уязвимость функции msadpcm_decode_block библиотеки libsndfile, вызванная переполнением буфера, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.8)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2021-07-20
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3246
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- https://github.com/libsndfile/libsndfile/issues/687
- https://github.com/libsndfile/libsndfile/issues/687
- [debian-lts-announce] 20210729 [SECURITY] [DLA 2722-1] libsndfile security update
- [debian-lts-announce] 20210729 [SECURITY] [DLA 2722-1] libsndfile security update
- FEDORA-2021-e2dc109b4c
- FEDORA-2021-e2dc109b4c
- FEDORA-2021-8fef82e363
- FEDORA-2021-8fef82e363
- GLSA-202309-11
- GLSA-202309-11
- DSA-4947
- DSA-4947