Debian Libsndfile vulnerabilities

35 known vulnerabilities affecting debian/libsndfile.

Total CVEs: 35
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 5, MEDIUM 18, LOW 10

Vulnerabilities

Page 2 of 2
CVE-2017-8362 | MEDIUM | CVSS 6.5 | fixed in libsndfile 1.0.27-3 (bookworm) | 2017
[MEDIUM] libsndfile - The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.
Scope: local. bookworm: resolved (fixed in 1.0.27-3); bullseye: resolved (fixed in 1.0.27-3); forky: resolved (fixed in 1.0.27-3); sid: resolved (fixed in 1.0.27-3); trixie: resolved (fixed in
debian
CVE-2017-7742 | MEDIUM | CVSS 5.5 | fixed in libsndfile 1.0.27-3 (bookworm) | 2017
[MEDIUM] libsndfile - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585.
Scope: local. bookworm: resolved (fixed in 1.0.27-3); bullseye: resolved (fixed in 1.0.27-3); forky: resolved (f
debian
CVE-2017-8363 | MEDIUM | CVSS 6.5 | fixed in libsndfile 1.0.27-3 (bookworm) | 2017
[MEDIUM] libsndfile - The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.
Scope: local. bookworm: resolved (fixed in 1.0.27-3); bullseye: resolved (fixed in 1.0.27-3); forky: resolved (fixed in 1.0.27-3); sid: resolved (fixed in 1.0.27-3); trixie: reso
debian
CVE-2017-8365 | MEDIUM | CVSS 6.5 | fixed in libsndfile 1.0.27-3 (bookworm) | 2017
[MEDIUM] libsndfile - The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
Scope: local. bookworm: resolved (fixed in 1.0.27-3); bullseye: resolved (fixed in 1.0.27-3); forky: resolved (fixed in 1.0.27-3); sid: resolved (fixed in 1.0.27-3); trixie: resolved (fixed in 1.
debian
CVE-2017-14246 | LOW | CVSS 8.1 | fixed in libsndfile 1.0.28-5 (bookworm) | 2017
[HIGH] libsndfile - An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
Scope: local. bookworm: resolved (fixed in 1.0.28-5); bullseye: resolved (fixed in 1.0.28-5); forky: resolved (fixed in 1.0.28-5); sid: resolved (fixed in 1
debian
CVE-2017-14245 | LOW | CVSS 8.1 | fixed in libsndfile 1.0.28-5 (bookworm) | 2017
[HIGH] libsndfile - An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
Scope: local. bookworm: resolved (fixed in 1.0.28-5); bullseye: resolved (fixed in 1.0.28-5); forky: resolved (fixed in 1.0.28-5); sid: resolved (fixed in 1
debian
CVE-2015-7805 | CRITICAL | CVSS 9.3 | PoC | fixed in libsndfile 1.0.25-10 (bookworm) | 2015
[CRITICAL] libsndfile - Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
Scope: local. bookworm: resolved (fixed in 1.0.25-10); bullseye: resolved (fixed in 1.0.25-10); forky: resolved (fixed in 1.0.25-10); sid: resolved (fixed in 1.0.25-10); trixie: resolved (fixed in 1.0.25-10)
debian
CVE-2014-9756 | MEDIUM | CVSS 5.0 | fixed in libsndfile 1.0.25-10 (bookworm) | 2014
[MEDIUM] libsndfile - The psf_fwrite function in file_io.c in libsndfile allows attackers to cause a denial of service (divide-by-zero error and application crash) via unspecified vectors related to the headindex variable.
Scope: local. bookworm: resolved (fixed in 1.0.25-10); bullseye: resolved (fixed in 1.0.25-10); forky: resolved (fixed in 1.0.25-10); sid: resolved (fixed in 1.0.25-10)
debian
CVE-2014-9496 | LOW | CVSS 2.1 | fixed in libsndfile 1.0.25-9.1 (bookworm) | 2014
[LOW] libsndfile - The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
Scope: local. bookworm: resolved (fixed in 1.0.25-9.1); bullseye: resolved (fixed in 1.0.25-9.1); forky: resolved (fixed in 1.0.25-9.1); sid: resolved (fixed in 1.0.25-9.1); t
debian
CVE-2011-2696 | MEDIUM | CVSS 6.8 | fixed in libsndfile 1.0.25-1 (bookworm) | 2011
[MEDIUM] libsndfile - Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
Scope: local. bookworm: resolved (fixed in 1.0.25-1); bullseye: resolved (fixed in 1.0.25-1); forky: resolved (fixed in 1.0.25-
debian
CVE-2009-0186 | MEDIUM | CVSS 9.3 | fixed in libsndfile 1.0.19-1 (bookworm) | 2009
[CRITICAL] libsndfile - Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
Scope: local. bookworm: resolved (fixed in 1.0.19-1); bullseye: resolved (fixed in 1.0.19-1); forky: resolved (fixed in 1.0.19-1); sid:
debian
CVE-2009-4835 | LOW | CVSS 4.3 | fixed in libsndfile 1.0.21-3 (bookworm) | 2009
[MEDIUM] libsndfile - The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file.
Scope: local. bookworm: resolved (fixed in 1.0.21-3); bullseye: resolved (fixed in 1.0.21-3
debian
CVE-2009-1788 | LOW | CVSS 9.3 | fixed in libsndfile 1.0.20-1 (bookworm) | 2009
[CRITICAL] libsndfile - Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value.
Scope: local. bookworm: resolved (fixed in 1.0.20-1); bullseye: resol
debian
CVE-2009-1791 | LOW | CVSS 9.3 | fixed in libsndfile 1.0.20-1 (bookworm) | 2009
[CRITICAL] libsndfile - Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value.
Scope: local. bookworm: resolved (fixed in 1.0.20-1); bullseye: re
debian
CVE-2007-4974 | MEDIUM | CVSS 7.5 | fixed in ardour 1:2.1-1.1 (bookworm) | 2007
[HIGH] ardour - Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.
Scope: local. bookworm: resolved (fixed in 1:2.1-1.1); bullseye: resolved (fixed in 1:2.1-1.1); forky: resolved (fixed
debian