Unrated severityNVD Advisory· Published Jan 16, 2015· Updated Jun 17, 2026
CVE-2014-9496
CVE-2014-9496
Description
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:libsndfile_project:libsndfile:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:libsndfile_project:libsndfile:*:*:*:*:*:*:*:*range: <1.0.26
- (no CPE)
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
- osv-coords2 versionspkg:rpm/opensuse/libsndfile&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/libsndfile-progs&distro=openSUSE%20Tumbleweed
< 1.0.26-2.4+ 1 more
- (no CPE)range: < 1.0.26-2.4
- (no CPE)range: < 1.0.26-2.4
Patches
Vulnerability mechanics
References
12- www.openwall.com/lists/oss-security/2015/01/04/4nvdMailing ListPatchThird Party Advisory
- github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378nvdPatchThird Party Advisory
- github.com/erikd/libsndfile/issues/93nvdExploitThird Party Advisory
- advisories.mageia.org/MGASA-2015-0015.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-updates/2015-01/msg00016.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/62320nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/71796nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-2832-1nvdThird Party Advisory
- seclists.org/bugtraq/2019/Apr/23nvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201612-03nvdThird Party Advisory
News mentions
0No linked articles in our index yet.