SB2018112313 - Denial of service in libsndfile
Published: November 23, 2018 Updated: August 17, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2018-19432)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to NULL pointer dereference in the function sf_write_int in sndfile.c. A remote attacker can trigger NULL pointer dereference and cause the service to crash.
2) Memory leak (CVE-ID: CVE-2018-13419)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within psf_allocate in common.c, as demonstrated by sndfile-convert. A remote attacker can perform a denial of service attack.
3) Out-of-bounds read (CVE-ID: CVE-2018-19662)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.
4) Out-of-bounds read (CVE-ID: CVE-2018-19661)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.
5) Out-of-bounds read (CVE-ID: CVE-2018-19758)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer overread condition in the wav_write_headerfunction, as defined in the wav.c source code file. A remote attacker can trick the victim into following a custom link or opening a crafted audio file that submits malicious input, trigger memory corruption and perform a denial of service attack.
Remediation
Install update from vendor's website.