Unrated severityNVD Advisory· Published May 2, 2022· Updated Aug 3, 2024

CVE-2021-3643

Description

A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.

Affected products

Sox Oss/Soxcpe-rescue
osv-coords5 versions
pkg:rpm/opensuse/sox&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/sox&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/sox&distro=openSUSE%20Tumbleweed pkg:rpm/suse/sox&distro=SUSE%20Package%20Hub%2015%20SP4 pkg:rpm/suse/sox&distro=SUSE%20Package%20Hub%2015%20SP5
< 14.4.2-bp154.2.3.1+ 4 more
- (no CPE)range: < 14.4.2-bp154.2.3.1
- (no CPE)range: < 14.4.2-bp155.3.3.1
- (no CPE)range: < 14.4.2-8.1
- (no CPE)range: < 14.4.2-bp154.2.3.1
- (no CPE)range: < 14.4.2-bp155.3.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000