Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2017-6892, CVE-2017-17456, CVE-2017-17457, CVE-2017-14246, CVE-2017-14245 |
CWE-ID | CWE-125 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | libsndfile (Client/Desktop applications / Multimedia software) |
Vendor | Erik de Castro Lopo |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU10816
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-6892
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists in the aiff_read_chanmap() function, defined in the aiff.c source file, due to improper handling of AIFF files. A remote attacker can create a specially crafted AIFF file, trick the victim into opening it, trigger an out-of-bounds read and gain access to potentially sensitive information.
Install update from vendor's website.
Vulnerable software versions
libsndfile: 1.0.20 - 1.0.28
CPE2.3
External links
https://github.com/erikd/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10832
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17456
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.
The weakness exists in the d2alaw_array() function due to an out-of-bounds read. A remote attacker can create a specially crafted source code, trick the victim into opening it, trigger memory corruption and cause the service to crash.
Cybersecurity is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versions
libsndfile: 1.0.29pre1
CPE2.3
External links
https://github.com/erikd/libsndfile/issues/344
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10834
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-17457
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.
The weakness exists in the d2ulaw_array() function due to an out-of-bounds read. A remote attacker can send a specially crafted input, trigger memory corruption and cause the service to crash.
Cybersecurity is currently unaware of any solutions addressing the vulnerability.
Vulnerable software versions
libsndfile: 1.0.29pre1
CPE2.3
External links
https://github.com/erikd/libsndfile/issues/344
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10836
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-14246
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.
The weakness exists in the d2ulaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted input, trick the victim into opening it, trigger an out-of-bounds read and cause the service to crash.
Install update from vendor's website.
Vulnerable software versions
libsndfile: 1.0.28
CPE2.3
External links
https://github.com/fabiangreffrath/libsndfile/commit/2d54514a4f6437b67829717c05472d2e3300a258
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU10839
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-14245
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.
The weakness exists in the d2alaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted source code, trick the victim into opening it, trigger an out-of-bounds read and cause the service to crash.
Install update from vendor's website.
Vulnerable software versions
libsndfile: 1.0.28
CPE2.3
External links
https://github.com/fabiangreffrath/libsndfile/commit/2d54514a4f6437b67829717c05472d2e3300a258
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
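An out-of-bounds read from NAN or INFINITY samples, as described above for d2ulaw_array() and d2alaw_array() (CVE-2017-14246, CVE-2017-14245), is the typical result of turning an unchecked floating-point value into a lookup-table index. The C code below is an added example of the defensive check, not libsndfile's code or the vendor's patch; the table size, table contents and the names fill_table, safe_index and encode_checked are assumptions made for illustration.

```c
#include <math.h>
#include <stdio.h>

#define TABLE_LEN 8193                 /* constructed size, not libsndfile's */
static unsigned char enc_table[TABLE_LEN];

/* Fill the stand-in companding table with a simple monotone mapping. */
static void fill_table(void)
{
    for (int i = 0; i < TABLE_LEN; i++)
        enc_table[i] = (unsigned char)(0xFF - (i >> 6));
}

/* Return a table index for one sample, or -1 if the sample must not be
 * used. NaN and +/-Inf fail isfinite(); finite values that scale past the
 * table fail the range check, done in double before any integer cast. */
static long safe_index(double sample, double normfact)
{
    double scaled = fabs(sample * normfact);
    if (!isfinite(scaled) || scaled > (double)(TABLE_LEN - 1))
        return -1;
    return (long)(scaled + 0.5);       /* round to nearest, now in range */
}

/* Encode count samples; rejected samples are written as 0.
 * Returns the number of rejected samples so callers can log or fail. */
static int encode_checked(const double *src, int count,
                          unsigned char *dst, double normfact)
{
    int rejected = 0;
    for (int i = 0; i < count; i++) {
        long idx = safe_index(src[i], normfact);
        if (idx < 0) {
            dst[i] = 0;
            rejected++;
            continue;
        }
        dst[i] = (src[i] >= 0) ? enc_table[idx]
                               : (unsigned char)(enc_table[idx] & 0x7F);
    }
    return rejected;
}

int main(void)
{
    /* Constructed input: two normal samples, then four hostile ones. */
    const double in[] = { 0.5, -0.25, NAN, INFINITY, -INFINITY, 1e300 };
    unsigned char out[6];
    fill_table();
    printf("rejected %d of 6\n", encode_checked(in, 6, out, 8192.0));
    return 0;
}
```

The range check is performed on the double value because converting a NaN, an infinity or an out-of-range double to an integer type is undefined behaviour in C, so checking the integer afterwards is too late.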