Ubuntu update for libsndfile



Published: 2021-01-26
Risk: Low
Patch available: YES
Number of vulnerabilities: 12
CVE-ID: CVE-2017-12562, CVE-2017-14245, CVE-2017-14246, CVE-2017-14634, CVE-2017-16942, CVE-2017-6892, CVE-2018-13139, CVE-2018-19432, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758, CVE-2019-3832
CWE-ID: CWE-122, CWE-125, CWE-369, CWE-121, CWE-476
Exploitation vector: Network
Public exploit: Public exploit code is available for vulnerabilities #8, #9, #10 and #11.
Vulnerable software:
Ubuntu
Operating systems & Components / Operating system

sndfile-programs (Ubuntu package)
Operating systems & Components / Operating system package or component

libsndfile1 (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor: Canonical Ltd.

Security Bulletin

This security bulletin contains information about 12 vulnerabilities.

1) Heap-based buffer overflow

EUVDB-ID: #VU10867

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-12562

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists in the psf_binheader_writef function due to a heap-based buffer overflow. A remote attacker can trick the victim into opening a specially crafted input, trigger a heap-based buffer overflow condition and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU10839

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14245

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the d2alaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted source code, trick the victim into opening it, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU10836

Risk: Low

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14246

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the d2ulaw_array() function due to improper handling of NAN and INFINITY floating-point values. A remote attacker can send a specially crafted input, trick the victim into opening it, trigger an out-of-bounds read and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Divide by zero

EUVDB-ID: #VU10868

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14634

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists in the double64_init() function due to a divide-by-zero error when processing crafted audio files. A remote attacker can trick the victim into opening a specially crafted audio file, trigger a divide-by-zero condition and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Division by zero

EUVDB-ID: #VU18789

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-16942

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide-by-zero error in the wav_w64_read_fmt_chunk() function in the wav_w64.c file while playing a crafted audio file. A remote attacker can pass a specially crafted file to the affected application, trigger a divide-by-zero error and crash the affected application.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU10816

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-6892

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists in the aiff_read_chanmap() function, which is defined in the aiff.c source code file, due to improper handling of AIFF files. A remote attacker can create a specially crafted AIFF file, trick the victim into opening it, trigger an out-of-bounds read and gain access to potentially sensitive information.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Stack-based buffer overflow

EUVDB-ID: #VU14198

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13139

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists due to a stack-based buffer overflow in psf_memset in common.c. A remote attacker can send a specially crafted audio file, trick the victim into opening it, trigger memory corruption and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU16040

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-19432

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The vulnerability exists due to a NULL pointer dereference in the function sf_write_int in sndfile.c. A remote attacker can trigger a NULL pointer dereference and cause the service to crash.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

9) Out-of-bounds read

EUVDB-ID: #VU16176

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-19661

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

10) Out-of-bounds read

EUVDB-ID: #VU16177

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-19662

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. A remote attacker can perform a denial of service attack.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

11) Out-of-bounds read

EUVDB-ID: #VU16205

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-19758

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a heap-based buffer over-read condition in the wav_write_header function, as defined in the wav.c source code file. A remote attacker can trick the victim into following a custom link or opening a crafted audio file that submits malicious input, trigger memory corruption and perform a denial of service attack.

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

12) Out-of-bounds read

EUVDB-ID: #VU18790

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-3832

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the wav_write_header() function in the wav.c file when processing media content. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and crash the affected application.

Note: this vulnerability is a result of an unresolved issue described in SB2018112313 (#5).

Mitigation

Update the affected package libsndfile to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

sndfile-programs (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

libsndfile1 (Ubuntu package): before 1.0.25-10ubuntu0.16.04.3+esm2

External links

http://ubuntu.com/security/notices/USN-4704-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


