rpm package

opensuse/libmysofa&distro=openSUSE Leap 15.2

pkg:rpm/opensuse/libmysofa&distro=openSUSE%20Leap%2015.2

Vulnerabilities (13)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-36152	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Feb 8, 2021	Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
CVE-2020-36151	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Feb 8, 2021	Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
CVE-2020-36150	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Feb 8, 2021	Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
CVE-2020-36149	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Feb 8, 2021	Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
CVE-2020-36148	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Feb 8, 2021	Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
CVE-2020-6860	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Jan 13, 2020	libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
CVE-2019-20063	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Dec 29, 2019	hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
CVE-2019-20016	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Dec 27, 2019	libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate
CVE-2019-16091	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Sep 8, 2019	Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
CVE-2019-16092	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Sep 8, 2019	Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
CVE-2019-16093	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Sep 8, 2019	Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
CVE-2019-16094	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Sep 8, 2019	Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
CVE-2019-16095	—	< 0.9.1-lp152.3.3.1	0.9.1-lp152.3.3.1	Sep 8, 2019	Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

CVE-2020-36152Feb 8, 2021
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
CVE-2020-36151Feb 8, 2021
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
CVE-2020-36150Feb 8, 2021
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
CVE-2020-36149Feb 8, 2021
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
CVE-2020-36148Feb 8, 2021
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
CVE-2020-6860Jan 13, 2020
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
CVE-2019-20063Dec 29, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
CVE-2019-20016Dec 27, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate
CVE-2019-16091Sep 8, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
CVE-2019-16092Sep 8, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
CVE-2019-16093Sep 8, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
CVE-2019-16094Sep 8, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
CVE-2019-16095Sep 8, 2019
affected < 0.9.1-lp152.3.3.1fixed 0.9.1-lp152.3.3.1
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.