Bugs fixes in "sox"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2021-33844 | A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, co | 2023-03-02 |
| CVE | CVE-2021-23172 | A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a | 2023-03-02 |
| CVE | CVE-2021-23159 | A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploita | 2023-03-02 |
| CVE | CVE-2019-13590 | An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition | 2023-03-02 |
| CVE | CVE-2019-8357 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. | 2019-08-02 |
| CVE | CVE-2019-8356 | An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the | 2019-08-02 |
| CVE | CVE-2019-8355 | An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that | 2019-08-02 |
| CVE | CVE-2019-8354 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When t | 2019-08-02 |
| CVE | CVE-2019-8357 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. | 2019-08-02 |
| CVE | CVE-2019-8356 | An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the | 2019-08-02 |
| CVE | CVE-2019-8355 | An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that | 2019-08-02 |
| CVE | CVE-2019-8354 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When t | 2019-08-02 |
| CVE | CVE-2019-8357 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. | 2019-07-30 |
| CVE | CVE-2019-8356 | An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the | 2019-07-30 |
| CVE | CVE-2019-8354 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When t | 2019-07-30 |
| CVE | CVE-2019-8357 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference. | 2019-07-30 |
| CVE | CVE-2019-8356 | An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the | 2019-07-30 |
| CVE | CVE-2019-8354 | An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When t | 2019-07-30 |
| CVE | CVE-2017-18189 | In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a | 2019-02-01 |
| CVE | CVE-2017-15642 | In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is a Use-After-Free vulnerability triggered by supplying a malformed AIFF file. | 2019-02-01 |
About
-
Send Feedback to @ubuntu_updates
