CVE-2020-35738 — Integer Overflow or Wraparound in Wavpack

CWE-190 — Integer Overflow or Wraparound CWE-787 — Out-of-bounds Write CWE-122 — Heap-based Buffer Overflow6 documents6 sources

Severity

6.1MEDIUMNVD

EPSS

0.4%

top 38.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wavpack Debian Wavpack Debian Linux +1 more

Timeline

PublishedDec 28

Latest updateMay 24

Description

WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages3 packages

▶debiandebian/wavpack< wavpack 5.3.0-2 (bookworm)

▶Debianwavpack/wavpack< 5.3.0-2+3

▶NVDwavpack/wavpack5.3.0

Also affects: Debian Linux 9.0, Fedora 32, 33

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-pwmw-jmr6-f7c4: WavPack 5↗2022-05-24

▶

OSV

CVE-2020-35738: WavPack 5↗2020-12-28

▶

📋Vendor Advisories

Ubuntu

WavPack vulnerability↗2021-01-06

▶

Red Hat

wavpack: out-of-bounds write in WavpackPackSamples function in pack_utils.c↗2020-12-27

▶

Debian

CVE-2020-35738: wavpack - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c b...↗2020

▶