Debian Sox vulnerabilities

CVE-2023-34432 [HIGH] CVE-2023-34432: sox - A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf functi... A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.

CVE-2023-34318 [HIGH] CVE-2023-34318: sox - A heap buffer overflow vulnerability was found in sox, in the startread function... A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.2)

CVE-2023-32627 [MEDIUM] CVE-2023-32627: sox - A floating point exception vulnerability was found in sox, in the read_samples f... A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. Scope: local bookworm: open bullseye: open trixie: resolved (fixed in 14.4.2+git20190427-4)

CVE-2023-26590 [MEDIUM] CVE-2023-26590: sox - A floating point exception vulnerability was found in sox, in the lsx_aiffstartw... A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.1) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.1)

CVE-2022-31650 [MEDIUM] CVE-2022-31650: sox - In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff... In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.1) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.1)

CVE-2022-31651 [MEDIUM] CVE-2022-31651: sox - In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.1) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.1)

CVE-2021-3643 [CRITICAL] CVE-2021-3643: sox - A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads ... A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 1

CVE-2021-40426 [HIGH] CVE-2021-40426: sox - A heap-based buffer overflow vulnerability exists in the sphere.c start_read() f... A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.1) bullseye: resolved (

CVE-2021-23210 [MEDIUM] CVE-2021-23210: sox - A floating point exception (divide-by-zero) issue was discovered in SoX in funct... A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.2)

CVE-2021-23172 [MEDIUM] CVE-2021-23172: sox - A vulnerability was found in SoX, where a heap-buffer-overflow occurs in functio... A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2

CVE-2021-23159 [MEDIUM] CVE-2021-23159: sox - A vulnerability was found in SoX, where a heap-buffer-overflow occurs in functio... A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.2) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14

CVE-2021-33844 [MEDIUM] CVE-2021-33844: sox - A floating point exception (divide-by-zero) issue was discovered in SoX in funct... A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-3.1) bullseye: resolved (fixed in 14.4.2+git20190427-2+deb11u1) trixie: resolved (fixed in 14.4.2+git20190427-3.1)

CVE-2019-1010004 [HIGH] CVE-2019-1010004: sox - SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The ... SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds Read. The impact is: Denial of Service. The component is: read_samples function at xa.c:219. The attack vector is: Victim must open specially crafted .xa file. NOTE: this may overlap CVE-2017-18189. Scope: local bookworm: resolved (fixed in 14.4.2-2) bullseye: resolved (fixed in 14.4.2-2) trixie:

CVE-2019-8354 [MEDIUM] CVE-2019-8354: sox - An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an int... An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-1) bullseye: resolved (fixed in 14.4.2+git20190427-1) trixie: resolv

CVE-2019-8356 [MEDIUM] CVE-2019-8356: sox - An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c... An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-1) bullseye: resolved (fixed in 14.4.2+git20190427-1) trixie: resolved (fixed in 14.4.2+git20190427

CVE-2019-8355 [MEDIUM] CVE-2019-8355: sox - An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflo... An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-1) bullseye: resolv

CVE-2019-8357 [MEDIUM] CVE-2019-8357: sox - An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a N... An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. Scope: local bookworm: resolved (fixed in 14.4.2+git20190427-1) bullseye: resolved (fixed in 14.4.2+git20190427-1) trixie: resolved (fixed in 14.4.2+git20190427-1)

CVE-2019-13590 [MEDIUM] CVE-2019-13590: sox - An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread funct... An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in form

CVE-2017-18189 [HIGH] CVE-2017-18189: sox - In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corr... In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service. Scope: local bookworm: resolved (fixed in 14.4.2-2) bullseye: resolved (fixed in 14.4.2-2) trixie: resolved (fixed in 14.4.

CVE-2017-11332 [MEDIUM] CVE-2017-11332: sox - The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote att... The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file. Scope: local bookworm: resolved (fixed in 14.4.2-2) bullseye: resolved (fixed in 14.4.2-2) trixie: resolved (fixed in 14.4.2-2)