Unrated severityNVD Advisory· Published Jan 16, 2015· Updated May 6, 2026
CVE-2014-9496
CVE-2014-9496
Description
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
Affected products
9cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.openwall.com/lists/oss-security/2015/01/04/4nvdMailing ListPatchThird Party Advisory
- github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378nvdPatchThird Party Advisory
- github.com/erikd/libsndfile/issues/93nvdExploitThird Party Advisory
- advisories.mageia.org/MGASA-2015-0015.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-01/msg00016.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/62320nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/71796nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2832-1nvdThird Party Advisory
- seclists.org/bugtraq/2019/Apr/23nvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201612-03nvdThird Party Advisory
News mentions
0No linked articles in our index yet.