CVE-2020-35738
published 2020-12-28CVE-2020-35738: WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties…
PriorityP424medium6.1CVSS 3.1
AVLACLPRNUIRSUCNILAH
EPSS
1.20%
64.2th percentile
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | wavpack | < wavpack 5.3.0-2 (bookworm) | wavpack 5.3.0-2 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| wavpack | wavpack | — | — |
| wavpack | wavpack | >= 0 < 5.3.0-2 | 5.3.0-2 |
| wavpack | wavpack | >= 0 < 5.3.0-2 | 5.3.0-2 |
| wavpack | wavpack | >= 0 < 5.3.0-2 | 5.3.0-2 |
| wavpack | wavpack | >= 0 < 5.3.0-2 | 5.3.0-2 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:P
osv6.1MEDIUM
vendor_debian6.1MEDIUM
vendor_redhat6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pwmw-jmr6-f7c4: WavPack 5
ghsa_unreviewed·2022-05-24
CVE-2020-35738 [MEDIUM] CWE-787 GHSA-pwmw-jmr6-f7c4: WavPack 5
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
OSV
CVE-2020-35738: WavPack 5
osv·2020-12-28·CVSS 6.1
CVE-2020-35738 [MEDIUM] CVE-2020-35738: WavPack 5
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
Ubuntu
WavPack vulnerability
vendor_ubuntu·2021-01-06
CVE-2020-35738 WavPack vulnerability
Title: WavPack vulnerability
Summary: WavPack could be made to execute arbitrary code or crash if it received a specially
crafted WAV file.
It was discovered that WavPack incorrectly handled certain WAV files.
An attacker could possibly use this issue to execute arbitrary code or
cause a crash.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
wavpack: out-of-bounds write in WavpackPackSamples function in pack_utils.c
vendor_redhat·2020-12-27·CVSS 6.1
CVE-2020-35738 [MEDIUM] CWE-122 wavpack: out-of-bounds write in WavpackPackSamples function in pack_utils.c
wavpack: out-of-bounds write in WavpackPackSamples function in pack_utils.c
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
Mitigation: If using the wavpack utility, this flaw can be mitigated by not running the program on untrusted input files or files from untrusted sources.
Package: wavpack (Red Hat Enterprise Linux 6) - Out of support scope
Package: wavpack (Red Hat Enterprise Linux 7) - Out of support scope
Package: wavpack (Red Hat Enterprise Linux 8) - Will not fix
Package: wavpack (Red Hat Enterprise Linux 9) - Not affected
Debian
CVE-2020-35738: wavpack - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c b...
vendor_debian·2020·CVSS 6.1
CVE-2020-35738 [MEDIUM] CVE-2020-35738: wavpack - WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c b...
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
Scope: local
bookworm: resolved (fixed in 5.3.0-2)
bullseye: resolved (fixed in 5.3.0-2)
forky: resolved (fixed in 5.3.0-2)
sid: resolved (fixed in 5.3.0-2)
trixie: resolved (fixed in 5.3.0-2)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/dbry/WavPack/issues/91https://lists.debian.org/debian-lts-announce/2021/01/msg00013.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2YZLKYE66EU4XRHTABV5LB2G7ZDZ422F/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76B7K6F74FDQATG7FECXR5KPIG52O2VL/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PENN4ZXRPZULEJOYTTLUZMBZ5H46QTUC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VDFY4NGGDUTLVID5PNVU7LL2G2ZJLZFY/https://github.com/dbry/WavPack/issues/91https://lists.debian.org/debian-lts-announce/2021/01/msg00013.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2YZLKYE66EU4XRHTABV5LB2G7ZDZ422F/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76B7K6F74FDQATG7FECXR5KPIG52O2VL/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PENN4ZXRPZULEJOYTTLUZMBZ5H46QTUC/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VDFY4NGGDUTLVID5PNVU7LL2G2ZJLZFY/
2020-12-28
Published