CVE-2019-8357 ā€” NULL Pointer Dereference in Exchange Project Sound Exchange

CWE-476 ā€” NULL Pointer Dereference12 documents8 sources
Severity
5.5MEDIUMNVD
OSV5.0
EPSS
0.6%
top 29.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sound Exchange Project Sound Exchange
Timeline
PublishedFeb 15
Latest updateMay 14

Description

An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

šŸ”“Vulnerability Details

5
GHSA
GHSA-qmr3-6jfh-4h6m: An issue was discovered in SoX 14ā†—2022-05-14
ā–¶
OSV
sox vulnerabilitiesā†—2019-08-01
ā–¶
OSV
sox vulnerabilitiesā†—2019-07-30
ā–¶
CVEList
CVE-2019-8357: An issue was discovered in SoX 14ā†—2019-02-15
ā–¶
OSV
CVE-2019-8357: An issue was discovered in SoX 14ā†—2019-02-15
ā–¶

šŸ“‹Vendor Advisories

4
Ubuntu
SoX vulnerabilitiesā†—2019-08-01
ā–¶
Ubuntu
SoX vulnerabilitiesā†—2019-07-30
ā–¶
Red Hat
sox: null pointer dereference in function lsx_make_lpf in effect_i_dsp.cā†—2019-02-07
ā–¶
Debian
CVE-2019-8357: sox - An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a N...ā†—2019
ā–¶

šŸ’¬Community

2
Bugzilla
CVE-2019-8357 sox: null pointer dereference in function lsx_make_lpf in effect_i_dsp.c [fedora-all]ā†—2019-02-18
ā–¶
Bugzilla
CVE-2019-8357 sox: null pointer dereference in function lsx_make_lpf in effect_i_dsp.cā†—2019-02-18
ā–¶
CVE-2019-8357 ā€” NULL Pointer Dereference | cvebase