CVE-2017-7585
Published: 2017-04-07
Priority P4 · 22 · medium · 5.5 CVSS 3.0
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 1.29% (66.7th percentile)
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libsndfile | < libsndfile 1.0.27-2 (bookworm) | libsndfile 1.0.27-2 (bookworm) |
| debian | libsndfile | < libsndfile 1.0.27-3 (bookworm) | libsndfile 1.0.27-3 (bookworm) |
| libsndfile_project | libsndfile | <= 1.0.27 | — |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-2 | 1.0.27-2 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-3 | 1.0.27-3 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-2 | 1.0.27-2 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-3 | 1.0.27-3 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-2 | 1.0.27-2 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-3 | 1.0.27-3 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-2 | 1.0.27-2 |
| libsndfile_project | libsndfile | >= 0 < 1.0.27-3 | 1.0.27-3 |
CVSS provenance
nvd · v3.0 · 5.5 MEDIUM · CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd · v2.0 · 4.3 MEDIUM · AV:N/AC:M/Au:N/C:N/I:N/A:P
osv · 5.5 MEDIUM
vendor_debian · 5.5 MEDIUM
vendor_redhat · 5.5 MEDIUM
GHSA
GHSA-c3h5-xmq3-3g76: In libsndfile before 1
ghsa_unreviewed·2022-05-17·CVSS 5.5
CVE-2017-7742 [MEDIUM] CWE-119 GHSA-c3h5-xmq3-3g76: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
GHSA
GHSA-w427-j9xg-4f6g: In libsndfile before 1
ghsa_unreviewed·2022-05-17
CVE-2017-7585 [MEDIUM] CWE-119 GHSA-w427-j9xg-4f6g: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
GHSA
GHSA-2933-mrxr-9gj9: In libsndfile before 1
ghsa_unreviewed·2022-05-17·CVSS 5.5
CVE-2017-7741 [MEDIUM] CWE-119 GHSA-2933-mrxr-9gj9: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
OSV
CVE-2017-7741: In libsndfile before 1
osv·2017-04-12·CVSS 5.5
CVE-2017-7741 [MEDIUM] CVE-2017-7741: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
OSV
CVE-2017-7742: In libsndfile before 1
osv·2017-04-12·CVSS 5.5
CVE-2017-7742 [MEDIUM] CVE-2017-7742: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
OSV
CVE-2017-7585: In libsndfile before 1
osv·2017-04-07·CVSS 5.5
CVE-2017-7585 [MEDIUM] CVE-2017-7585: In libsndfile before 1
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Ubuntu
libsndfile vulnerabilities
vendor_ubuntu·2017-06-01
CVE-2017-7585 libsndfile vulnerabilities
Title: libsndfile vulnerabilities
Summary: Several security issues were fixed in libsndfile.
Agostino Sarubbo and Jakub Jirasek discovered that libsndfile incorrectly
handled certain malformed files. A remote attacker could use this issue to
cause libsndfile to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Instructions: After a standard system update you need to restart your session to make all
the necessary changes.
Red Hat
libsndfile: Invalid memory read in flac_buffer_copy function
vendor_redhat·2017-04-11·CVSS 5.5
CVE-2017-7742 [MEDIUM] CWE-125 libsndfile: Invalid memory read in flac_buffer_copy function
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Package: libsndfile (Red Hat Enterprise Linux 6) - Will not fix
Package: libsndfile (Red Hat Enterprise Linux 7) - Will not fix
Red Hat
libsndfile: Invalid memory write in flac_buffer_copy function
vendor_redhat·2017-04-11·CVSS 5.5
CVE-2017-7741 [MEDIUM] CWE-787 libsndfile: Invalid memory write in flac_buffer_copy function
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Package: libsndfile (Red Hat Enterprise Linux 6) - Will not fix
Package: libsndfile (Red Hat Enterprise Linux 7) - Will not fix
Red Hat
libsndfile: Stack-based buffer overflow in flac_buffer_copy()
vendor_redhat·2017-03-24·CVSS 5.5
CVE-2017-7585 [MEDIUM] CWE-121 libsndfile: Stack-based buffer overflow in flac_buffer_copy()
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
A buffer overflow flaw was found in the way libsndfile handled FLAC files. This flaw could potentially be used to crash the application using libsndfile by tricking the application into processing specially crafted FLAC files.
Package: libsndfile (Red Hat Enterprise Linux 6) - Will not fix
Package: libsndfile (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2017-7741: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
vendor_debian·2017·CVSS 5.5
CVE-2017-7741 [MEDIUM] CVE-2017-7741: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Scope: local
bookworm: resolved (fixed in 1.0.27-2)
bullseye: resolved (fixed in 1.0.27-2)
forky: resolved (fixed in 1.0.27-2)
sid: resolved (fixed in 1.0.27-2)
trixie: resolved (fixed in 1.0.27-2)
Debian
CVE-2017-7585: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
vendor_debian·2017·CVSS 5.5
CVE-2017-7585 [MEDIUM] CVE-2017-7585: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Scope: local
bookworm: resolved (fixed in 1.0.27-2)
bullseye: resolved (fixed in 1.0.27-2)
forky: resolved (fixed in 1.0.27-2)
sid: resolved (fixed in 1.0.27-2)
trixie: resolved (fixed in 1.0.27-2)
Debian
CVE-2017-7742: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
vendor_debian·2017·CVSS 5.5
CVE-2017-7742 [MEDIUM] CVE-2017-7742: libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac...
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Scope: local
bookworm: resolved (fixed in 1.0.27-3)
bullseye: resolved (fixed in 1.0.27-3)
forky: resolved (fixed in 1.0.27-3)
sid: resolved (fixed in 1.0.27-3)
trixie: resolved (fixed in 1.0.27-3)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-7585 libsndfile: Stack-based buffer overflow in flac_buffer_copy()
bugzilla·2017-04-10·CVSS 5.5
CVE-2017-7585 [MEDIUM] CVE-2017-7585 libsndfile: Stack-based buffer overflow in flac_buffer_copy()
In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file.
Upstream patch:
https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
Discussion:
Created libsndfile tracking bugs for this issue:
Affects: fedora-all [bug 1440760]
Bugzilla
CVE-2017-7585 CVE-2017-7586 libsndfile: various flaws [fedora-all]
bugzilla·2017-04-10·CVSS 5.5
CVE-2017-7585 [MEDIUM] CVE-2017-7585 CVE-2017-7586 libsndfile: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora.
http://www.mega-nerd.com/libsndfile/#History
http://www.mega-nerd.com/libsndfile/NEWS
https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-4/
https://security.gentoo.org/glsa/201707-04