CVE-2018-10539Out-of-bounds Write in Wavpack

CWE-787Out-of-bounds Write11 documents7 sources
Severity
5.5MEDIUMNVD
OSV7.8
EPSS
0.6%
top 30.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
WavpackDebian WavpackDebian Linux
Timeline
PublishedApr 29
Latest updateMay 13

Description

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

debiandebian/wavpack< wavpack 5.1.0-3 (bookworm)
Debianwavpack/wavpack< 5.1.0-3+3
Ubuntuwavpack/wavpack< 5.1.0-2ubuntu1.1
NVDwavpack/wavpack5.1.0

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-5wgx-vm65-xvp4: An issue was discovered in WavPack 52022-05-13
OSV
wavpack vulnerabilities2018-04-30
OSV
CVE-2018-10539: An issue was discovered in WavPack 52018-04-29

📋Vendor Advisories

3
Ubuntu
WavPack vulnerabilities2018-04-30
Red Hat
wavpack: out of bounds write in ParseDsdiffHeaderConfig in dsdiff.c2018-04-22
Debian
CVE-2018-10539: wavpack - An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bo...2018

💬Community

4
Bugzilla
CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 mingw-wavpack: various flaws [epel-7]2018-05-03
Bugzilla
CVE-2018-10539 wavpack: out of bounds write in ParseDsdiffHeaderConfig in dsdiff.c2018-05-03
Bugzilla
CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 wavpack: various flaws [fedora-all]2018-05-03
Bugzilla
CVE-2018-10536 CVE-2018-10537 CVE-2018-10538 CVE-2018-10539 CVE-2018-10540 mingw-wavpack: various flaws [fedora-all]2018-05-03