rpm package
almalinux/libsndfile-utils
pkg:rpm/almalinux/libsndfile-utils
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-37555 | Hig | 7.5 | < 1.0.28-17.el8_10 | 1.0.28-17.el8_10 | Apr 29, 2026 | An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication o | |
| CVE-2024-50612 | — | < 1.0.28-16.el8_10 | 1.0.28-16.el8_10 | Oct 27, 2024 | libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. | ||
| CVE-2022-33065 | — | < 1.0.31-8.el9 | 1.0.31-8.el9 | Jul 18, 2023 | Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. |
- affected < 1.0.28-17.el8_10fixed 1.0.28-17.el8_10
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication o
- CVE-2024-50612Oct 27, 2024affected < 1.0.28-16.el8_10fixed 1.0.28-16.el8_10
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
- CVE-2022-33065Jul 18, 2023affected < 1.0.31-8.el9fixed 1.0.31-8.el9
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.