CVE-2024-50613Reachable Assertion in Project Libsndfile

CWE-617Reachable Assertion6 documents6 sources
Severity
6.5MEDIUMNVD
EPSS
0.0%
top 93.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Libsndfile Project LibsndfileDebian LibsndfileMsrc Azl3 Libsndfile 1.2.2-3 ON Azure Linux 3.0+3 more
Timeline
PublishedOct 27
Latest updateOct 28

Description

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

🔴Vulnerability Details

2
GHSA
GHSA-425f-273g-699h: libsndfile through 12024-10-28
OSV
CVE-2024-50613: libsndfile through 12024-10-27

📋Vendor Advisories

3
Red Hat
libsndfile: Reachable assertion in mpeg_l3_encoder_close2024-10-27
Microsoft
libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.2024-10-08
Debian
CVE-2024-50613: libsndfile - libsndfile through 1.2.2 has a reachable assertion, that may lead to application...2024