Debian Sox vulnerabilities
28 known vulnerabilities affecting debian/sox.
Total CVEs: 28
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 6, MEDIUM 18, LOW 2
Vulnerabilities
Page 2 of 2
CVE-2017-15372 | MEDIUM | CVSS 5.5 | fixed in sox 14.4.2-2 (bookworm) | 2017
There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2017-15370 | MEDIUM | CVSS 5.5 | fixed in sox 14.4.2-2 (bookworm) | 2017
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2017-11358 | MEDIUM | CVSS 5.5 | PoC | fixed in sox 14.4.2-2 (bookworm) | 2017
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2017-15371 | MEDIUM | CVSS 5.5 | fixed in sox 14.4.2-2 (bookworm) | 2017
There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A crafted input will lead to a denial of service attack during conversion of an audio file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2017-15642 | MEDIUM | CVSS 5.5 | fixed in sox 14.4.2-2 (bookworm) | 2017
In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2017-11359 | MEDIUM | CVSS 5.5 | PoC | fixed in sox 14.4.2-2 (bookworm) | 2017
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2014-8145 | HIGH | CVSS 7.5 | fixed in sox 14.4.2-2 (bookworm) | 2014
Multiple heap-based buffer overflows in Sound eXchange (SoX) 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the (1) start_read or (2) AdpcmReadBlock function.
Scope: local
bookworm: resolved (fixed in 14.4.2-2)
bullseye: resolved (fixed in 14.4.2-2)
trixie: resolved (fixed in 14.4.2-2)
debian
CVE-2004-0557 | CRITICAL | CVSS 10.0 | PoC | fixed in sox 12.17.4-9 (bookworm) | 2004
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
Scope: local
bookworm: resolved (fixed in 12.17.4-9)
bullseye: resolved (fixed in 12.17.4-9)
trixie: resolved (fixed in 12.17.4-9)
debian