Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-33844: Invalid Bug ID

A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash.

CVE

‘1975664?cve=title’ is not a valid bug number nor an alias to a bug.

Please press Back and try again.

Related news

Ubuntu Security Notice USN-5904-2

Ubuntu Security Notice 5904-2 - USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS.

Ubuntu Security Notice USN-5904-1

Ubuntu Security Notice 5904-1 - Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Debian Security Advisory 5356-1

Debian Linux Security Advisory 5356-1 - Multiple security issues were discovered in Sox, the Swiss Army knife of sound processing programs, which could result in denial of service or potentially the execution of arbitrary code if a malformed audio file is processed.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907