SB2019021912 - Denial of service in SoX
Published: February 19, 2019 Updated: July 18, 2019
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2019-8357)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in n the lsx_make_lpf function, as defined in the effect_i_dsp.c source code file. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the sox command and perform a denial of service (DoS) attack.
2) Stack-based buffer overflow (CVE-ID: CVE-2019-8356)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper protection on an argument passed to the bitrv2 function, as defined in the fft4g.c source code file of the affected software. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the sox command, trigger a stack-based buffer overflow condition and perform a denial of service (DoS) attack.
3) Integer overflow (CVE-ID: CVE-2019-8354)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in lsx_make_lpf in effect_i_dsp.c when handling malicious input. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the sox command, trigger a heap-based buffer overflow condition and perform a denial of service (DoS) attack.
4) Integer overflow (CVE-ID: CVE-2019-8355)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow in xmalloc.h when handling malicious input. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the sox command, trigger a heap-based buffer overflow condition channels_start in remix.c and perform a denial of service (DoS) attack.
5) Out-of-bounds read (CVE-ID: CVE-2019-1010004)
The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability exists due to an out-of-bounds read condition in the "read_samples" function in the "xa.c" file. A remote attacker can trick a victim to open a specially crafted .xa file and crash the affected application.
6) NULL pointer dereference (CVE-ID: CVE-2019-13590)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in libsox.a file. A remote attacker can create a specially crafted file, trick the victim into opening it and perform a denial of service (DoS) attack.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://sourceforge.net/p/sox/bugs/318
- https://sourceforge.net/p/sox/bugs/321/
- https://sourceforge.net/p/sox/bugs/319/
- https://sourceforge.net/p/sox/bugs/320
- https://sourceforge.net/p/sox/bugs/299/
- https://sourceforge.net/p/sox/code/ci/master/tree/src/xa.c#l219
- https://sourceforge.net/p/sox/bugs/325/