SB2019061303 - Ubuntu update for libsndfile

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019061303

SB2019061303 - Ubuntu update for libsndfile

Published: June 13, 2019 Updated: August 17, 2023

Security Bulletin ID SB2019061303
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2017-14245)

The vulnerability allows a remote unautheticated attacker to cause DoS condition on the target system.

The weakness exists in the d2alaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted source code, trick the victim into opening it, trigger an out-of-bounds read and cause the service to crash.

2) Out-of-bounds read (CVE-ID: CVE-2017-14246)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the d2ulaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted input, trick the victim into opening it, trigger an out-of-bounds read and service to crash.

3) Divide by zero (CVE-ID: CVE-2017-14634)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the double64_init() function due to a divide-by-zero error when processing crafted audio files. A remote attacker can trick the victim into opening a specially crafted audio file, trigger a divide-by-zero condition and cause the service to crash.

4) Out-of-bounds read (CVE-ID: CVE-2017-17456)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the d2alaw_array() function due to out-of-bounds read. A remote attacker can create a specially crafted source code, trick the victim into opening it, trigger memory corruption and to cause the service to crash.

5) Out-of-bound read (CVE-ID: CVE-2017-17457)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the d2ulaw_array() function due to out-of-bounds read. A remote attacker send a specially crafted input, trigger memory corruption and cause the service to crash.

6) Out-of-bounds read (CVE-ID: CVE-2017-6892)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the aiff_read_chanmap() function, which is defined in the aiff.c source code file due to improper handling of AIFF files. A remote attacker can create a specially crafted AIFF file, trick the victim into opening it, trigger out-of-bounds read and gain access to potentially sensitive information.

7) Stack-based buffer overflow (CVE-ID: CVE-2018-13139)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to stack-based buffer overflow in psf_memset in common.c. A remote attacker can send a specially crafted audio file, trick the victim into opening it, trigger memory corruption and cause the service to crash.

8) NULL pointer dereference (CVE-ID: CVE-2018-19432)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to NULL pointer dereference in the function sf_write_int in sndfile.c. A remote attacker can trigger NULL pointer dereference and cause the service to crash.


9) Out-of-bounds read (CVE-ID: CVE-2018-19661)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.


10) Out-of-bounds read (CVE-ID: CVE-2018-19662)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.


11) Out-of-bounds read (CVE-ID: CVE-2018-19758)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer overread condition in the wav_write_headerfunction, as defined in the wav.c source code file. A remote attacker can trick the victim into following a custom link or opening a crafted audio file that submits malicious input, trigger memory corruption and perform a denial of service attack.


12) Division by zero (CVE-ID: CVE-2017-16942)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide by zero error in the wav_w64_read_fmt_chunk() function in wav_w64.c file while playing a crafted audio file. A remote attacker can pass a specially crafted file to the affected application, trigger division by zero error and crash the affected application.


13) Out-of-bounds read (CVE-ID: CVE-2019-3832)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the wav_write_header() function in wav.c file when processing media content. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the affected application.

Note: this vulnerability is a result of an unresolved issues, described in SB2018112313 (#5).


Remediation

Install update from vendor's website.

References