CVE-2020-23904Out-of-bounds Write in Speex

CWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 48.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Xiph Speex
Timeline
PublishedNov 10
Latest updateMay 24

Description

A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

NVDxiph/speex1.2

🔴Vulnerability Details

3
GHSA
GHSA-3p3f-h63v-47c5: A stack buffer overflow in speexenc2022-05-24
CVEList
CVE-2020-23904: A stack buffer overflow in speexenc2021-11-10
OSV
CVE-2020-23904: A stack buffer overflow in speexenc2021-11-10

📋Vendor Advisories

1
Red Hat
speex: stack-based buffer overflow in speexenc.c via a crafted WAV file2020-07-14
CVE-2020-23904 — Out-of-bounds Write in Xiph Speex | cvebase