Medium severity5.5NVD Advisory· Published Aug 25, 2022· Updated Jun 17, 2026
CVE-2021-23159
CVE-2021-23159
Description
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf() in formats_i.c file. The vulnerability is exploitable with a crafted file, that could cause an application to crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords5 versionspkg:rpm/opensuse/sox&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/sox&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/sox&distro=openSUSE%20Tumbleweedpkg:rpm/suse/sox&distro=SUSE%20Package%20Hub%2015%20SP4pkg:rpm/suse/sox&distro=SUSE%20Package%20Hub%2015%20SP5
< 14.4.2-bp154.2.3.1+ 4 more
- (no CPE)range: < 14.4.2-bp154.2.3.1
- (no CPE)range: < 14.4.2-bp155.3.3.1
- (no CPE)range: < 14.4.2-8.1
- (no CPE)range: < 14.4.2-bp154.2.3.1
- (no CPE)range: < 14.4.2-bp155.3.3.1
Patches
Vulnerability mechanics
References
4- sourceforge.net/p/sox/bugs/352/nvdExploitThird Party Advisory
- access.redhat.com/security/cve/CVE-2021-23159nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.archlinux.org/CVE-2021-23159nvdThird Party Advisory
News mentions
0No linked articles in our index yet.