VYPR
High severity · NVD Advisory · Published Jul 23, 2018 · Updated Aug 5, 2024

CVE-2018-14523

Description

A buffer over-read in aubio 0.4.6's new_aubio_pitchyinfft function can be triggered via aubionotes, leading to potential information disclosure.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

In aubio version 0.4.6, the function new_aubio_pitchyinfft in src/pitch/pitchyinfft.c contains a global buffer over-read. The global variable freqs is defined at line 43 with a size of 136 bytes, but at line 75 a read of size 4 occurs 0 bytes to the right of this variable, as shown by AddressSanitizer output [3]. This bug is reachable through the aubionotes tool [1].

Exploitation

An attacker can trigger the over-read by providing a crafted audio file to aubionotes or any application using the vulnerable library. No special privileges are required; the attacker only needs to supply a malicious input that causes the buffer access beyond its bounds. The exact input conditions are not detailed, but the ASAN report confirms the read occurs at a fixed offset.

Impact

Successful exploitation results in reading memory beyond the freqs buffer, potentially disclosing sensitive information from adjacent memory. The over-read is a read-only operation, so it does not allow code execution or write access, but it could leak data.

Mitigation

As of the available references, no patched version has been released for aubio 0.4.6. The issue was reported in 2018, and the project may have since fixed it in later versions; however, the advisory database [4] does not specify a fix. Users should update to the latest version of aubio if a fix exists, or avoid processing untrusted audio files with the affected tool.

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
|---|---|---|
| aubio (PyPI) | < 0.4.7 | 0.4.7 |

Patches

af4f9e6a93b6

src/pitch/pitchyinfft.c: fix out of bound read when samplerate > 50kHz (closes: #189)

https://github.com/aubio/aubio · Paul Brossier · Aug 6, 2018 · via ghsa
1 file changed · +3 -2
  • src/pitch/pitchyinfft.c · +3 -2 · modified
    @@ -44,7 +44,7 @@ static const smpl_t freqs[] = {
          0.,    20.,    25.,   31.5,    40.,    50.,    63.,    80.,   100.,   125.,
        160.,   200.,   250.,   315.,   400.,   500.,   630.,   800.,  1000.,  1250.,
       1600.,  2000.,  2500.,  3150.,  4000.,  5000.,  6300.,  8000.,  9000., 10000.,
    - 12500., 15000., 20000., 25100
    + 12500., 15000., 20000., 25100., -1.
     };
     
     static const smpl_t weight[] = {
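Review bot: the `-1.` appended to `freqs[]` is an end-of-table marker, but nothing on that line says so, and the loop's safety now depends on it staying the last element. A short comment on the new line would help, or drop the sentinel and bound `j` by the element count (`sizeof(freqs) / sizeof(freqs[0])`). The trailing context shows `weight[]` declared right after; it is worth confirming that it does not need a matching extra entry, since only its opening line is visible here.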
    @@ -72,7 +72,8 @@ new_aubio_pitchyinfft (uint_t samplerate, uint_t bufsize)
       p->weight = new_fvec (bufsize / 2 + 1);
       for (i = 0; i < p->weight->length; i++) {
         freq = (smpl_t) i / (smpl_t) bufsize *(smpl_t) samplerate;
    -    while (freq > freqs[j]) {
    +    while (freq > freqs[j] && freqs[j] > 0) {
    +      AUBIO_DBG("freq %3.5f > %3.5f \tsamplerate %d (Hz) \t(weight length %d, bufsize %d) %d %d\n", freq, freqs[j], samplerate, p->weight->length, bufsize, i, j);
           j += 1;
         }
         a0 = weight[j - 1];
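Review bot: the new guard `freqs[j] > 0` on the `while` line is also false at `freqs[0]`, which is `0.` in the table, so it only behaves as a terminator test if `j` never sits at index 0, and these lines do not show where `j` starts. Testing `freqs[j] >= 0`, or bounding `j` by the element count, would state the intent directly. Separately, the added `AUBIO_DBG` call sits inside the inner loop, so it fires on every step of the table walk, and it formats `samplerate` and `bufsize` (declared `uint_t` in the function signature) with `%d`; consider removing it from the fix or switching to `%u`.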
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
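
Added example, not code from the aubio project or from this advisory: a bounded replay of the table walk in new_aubio_pitchyinfft, using the pre-fix freqs table from the diff above, that reports the first FFT bin whose frequency exceeds every table entry. It assumes smpl_t is a 4-byte float and that j starts at 1 (the diff shows neither); first_unsafe_bin and NFREQS are names introduced here.

```c
#include <stddef.h>
#include <stdio.h>

/* Frequency table as on the pre-fix side of the diff: 34 entries, 136 bytes. */
static const float freqs[] = {
      0.,    20.,    25.,   31.5,    40.,    50.,    63.,    80.,   100.,   125.,
    160.,   200.,   250.,   315.,   400.,   500.,   630.,   800.,  1000.,  1250.,
   1600.,  2000.,  2500.,  3150.,  4000.,  5000.,  6300.,  8000.,  9000., 10000.,
  12500., 15000., 20000., 25100.
};
#define NFREQS (sizeof(freqs) / sizeof(freqs[0]))

/* Replays the table walk with an explicit bound on j, so nothing is read
 * out of bounds here. Returns the first bin index i whose frequency is above
 * every table entry (the point where the unpatched loop would evaluate
 * freqs[NFREQS]), or -1 if no bin gets that far.
 * Assumption: j starts at 1; the diff does not show its initialisation. */
long first_unsafe_bin(unsigned samplerate, unsigned bufsize)
{
  size_t j = 1;
  unsigned i, length = bufsize / 2 + 1;   /* same length as p->weight */
  for (i = 0; i < length; i++) {
    float freq = (float) i / (float) bufsize * (float) samplerate;
    while (j < NFREQS && freq > freqs[j])
      j += 1;
    if (j == NFREQS)
      return (long) i;   /* unpatched code would index past the array here */
  }
  return -1;
}

int main(void)
{
  /* Constructed sample inputs: common sample rates with a 2048-sample buffer. */
  const unsigned rates[] = { 44100, 48000, 96000 };
  for (size_t k = 0; k < sizeof(rates) / sizeof(rates[0]); k++)
    printf("%u Hz, bufsize 2048: first unsafe bin = %ld\n",
           rates[k], first_unsafe_bin(rates[k], 2048));
  return 0;
}
```

A result other than -1 means an unpatched build would index past freqs for that stream, so the sample rate can be checked before a file is handed to aubionotes.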
