CVE-2018-19800
Description
A buffer overflow in aubio's new_aubio_tempo function (versions 0.4.0–0.4.8) allows denial of service or possible code execution via crafted audio input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in aubio's new_aubio_tempo function (versions 0.4.0–0.4.8) allows denial of service or possible code execution via crafted audio input.
Vulnerability
Overview CVE-2018-19800 is a buffer overflow vulnerability found in the new_aubio_tempo function of aubio, a library for audio and music analysis [1]. Affecting versions 0.4.0 through 0.4.8, the flaw occurs when processing maliciously crafted audio data, leading to memory corruption [1]. The root cause is insufficient bounds checking during tempo analysis initialization [1].
Attack
Vector & Exploitation An attacker can exploit this by supplying a specially crafted audio file (e.g., WAV or other supported formats) to any application or tool that uses the vulnerable library version [1][2]. No authentication is required if the attacker can provide the input; exploitation could happen via a user opening a malicious audio file with an aubio-based tool such as aubio, aubiocut, or aubiotrack [2].
Impact
Successful exploitation could result in a denial of service (application crash) or, potentially, arbitrary code execution in the context of the application using the library [1]. The vulnerability is rated with a CVSS v3 score of 9.8 (Critical), reflecting its low attack complexity and network attack vector [1].
Mitigation
The issue is fixed in aubio version 0.4.9 [4]. Users should update to this version or later to mitigate the risk. As of the advisory, there are no known workarounds; updating the library is the recommended course of action [1][4].
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
aubioPyPI | >= 0.4.0, < 0.4.9 | 0.4.9 |
Affected products
8- aubio/aubiodescription
- ghsa-coords7 versionspkg:pypi/aubiopkg:rpm/opensuse/aubio&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/aubio&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/python-aubio&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/python-aubio&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/aubio&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/python-aubio&distro=SUSE%20Package%20Hub%2015
>= 0.4.0, < 0.4.9+ 6 more
- (no CPE)range: >= 0.4.0, < 0.4.9
- (no CPE)range: < 0.4.6-lp151.6.3.1
- (no CPE)range: < 0.4.6-lp151.6.3.1
- (no CPE)range: < 0.4.6-lp151.6.3.1
- (no CPE)range: < 0.4.6-lp151.6.3.1
- (no CPE)range: < 0.4.6-bp150.3.12.1
- (no CPE)range: < 0.4.6-bp150.3.12.1
Patches
1b1559f4c9ce2[tempo] fix buffer overflow in method parser
1 file changed · +4 −3
src/tempo/tempo.c+4 −3 modified@@ -168,7 +168,7 @@ aubio_tempo_t * new_aubio_tempo (const char_t * tempo_mode, uint_t buf_size, uint_t hop_size, uint_t samplerate) { aubio_tempo_t * o = AUBIO_NEW(aubio_tempo_t); - char_t specdesc_func[20]; + char_t specdesc_func[PATH_MAX]; o->samplerate = samplerate; // check parameters are valid if ((sint_t)hop_size < 1) { @@ -203,9 +203,10 @@ aubio_tempo_t * new_aubio_tempo (const char_t * tempo_mode, o->pp = new_aubio_peakpicker(); aubio_peakpicker_set_threshold (o->pp, o->threshold); if ( strcmp(tempo_mode, "default") == 0 ) { - strcpy(specdesc_func, "specflux"); + strncpy(specdesc_func, "specflux", PATH_MAX - 1); } else { - strcpy(specdesc_func, tempo_mode); + strncpy(specdesc_func, tempo_mode, PATH_MAX - 1); + specdesc_func[PATH_MAX - 1] = '\0'; } o->od = new_aubio_specdesc(specdesc_func,buf_size); o->of = new_fvec(1);
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
11- lists.opensuse.org/opensuse-security-announce/2019-06/msg00063.htmlghsavendor-advisoryx_refsource_SUSEWEB
- lists.opensuse.org/opensuse-security-announce/2019-06/msg00067.htmlghsavendor-advisoryx_refsource_SUSEWEB
- github.com/advisories/GHSA-grmf-4fq6-2r79ghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYIKPYXZIWYWWNNORSKWRCFFCP6AFMRZ/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHIRMWW4JQ6UHJK4AVBJLFRLE2TPKC2W/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2018-19800ghsaADVISORY
- github.com/aubio/aubio/blob/0.4.9/ChangeLogghsax_refsource_MISCWEB
- github.com/aubio/aubio/commit/b1559f4c9ce2b304d8d27ffdc7128b6795ca82e5ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/aubio/PYSEC-2019-162.yamlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYIKPYXZIWYWWNNORSKWRCFFCP6AFMRZghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHIRMWW4JQ6UHJK4AVBJLFRLE2TPKC2WghsaWEB
News mentions
0No linked articles in our index yet.