Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2018-19432 CVE-2018-13419 CVE-2018-19662 CVE-2018-19661 CVE-2018-19758 |
CWE-ID | CWE-476 CWE-401 CWE-125 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. |
Vulnerable software Subscribe |
libsndfile Client/Desktop applications / Multimedia software |
Vendor | Erik de Castro Lopo |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
Updated 29.11.2018.
Added vulnerabilities #2-5, bulletin marked as unpatched.
EUVDB-ID: #VU16040
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-19432
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to NULL pointer dereference in the function sf_write_int in sndfile.c. A remote attacker can trigger NULL pointer dereference and cause the service to crash.
MitigationInstall update from vendor's website.
Vulnerable software versionslibsndfile: 1.0.28
External linkshttp://github.com/erikd/libsndfile/issues/427
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU16178
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-13419
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within psf_allocate in common.c, as demonstrated by sndfile-convert. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionslibsndfile: 1.0.28
External linkshttp://github.com/erikd/libsndfile/issues/398
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU16177
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-19662
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionslibsndfile: 1.0.28
External linkshttp://github.com/erikd/libsndfile/issues/429
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU16176
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-19661
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionslibsndfile: 1.0.28
External linkshttp://github.com/erikd/libsndfile/issues/429
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU16205
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-19758
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer overread condition in the wav_write_headerfunction, as defined in the wav.c source code file. A remote attacker can trick the victim into following a custom link or opening a crafted audio file that submits malicious input, trigger memory corruption and perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionslibsndfile: 1.0.28
External linkshttp://bugzilla.redhat.com/show_bug.cgi?id=1643812
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.