CVE-2021-33844 โ€” Divide By Zero in Exchange Project Sound Exchange

CWE-369 โ€” Divide By Zero10 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 71.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sound Exchange Project Sound Exchange
Timeline
PublishedAug 25
Latest updateMar 20

Description

A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

๐Ÿ”ดVulnerability Details

5
OSV
sox regressionโ†—2023-03-20
โ–ถ
OSV
sox vulnerabilitiesโ†—2023-03-02
โ–ถ
GHSA
GHSA-3q4f-g8fc-j65f: A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wavโ†—2022-08-26
โ–ถ
OSV
CVE-2021-33844: A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wavโ†—2022-08-25
โ–ถ
CVEList
CVE-2021-33844: A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wavโ†—2022-08-25
โ–ถ

๐Ÿ“‹Vendor Advisories

4
Ubuntu
SoX regressionโ†—2023-03-20
โ–ถ
Ubuntu
SoX vulnerabilitiesโ†—2023-03-02
โ–ถ
Red Hat
SoX: divide by zero crash in wav.cโ†—2021-04-20
โ–ถ
Debian
CVE-2021-33844: sox - A floating point exception (divide-by-zero) issue was discovered in SoX in funct...โ†—2021
โ–ถ
CVE-2021-33844 โ€” Divide By Zero | cvebase