rpm package
suse/libmysofa&distro=SUSE Package Hub 15 SP2
pkg:rpm/suse/libmysofa&distro=SUSE%20Package%20Hub%2015%20SP2
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-36152 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Feb 8, 2021 | Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA. | ||
| CVE-2020-36151 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Feb 8, 2021 | Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | ||
| CVE-2020-36150 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Feb 8, 2021 | Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | ||
| CVE-2020-36149 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Feb 8, 2021 | Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em | ||
| CVE-2020-36148 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Feb 8, 2021 | Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em | ||
| CVE-2020-6860 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Jan 13, 2020 | libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | ||
| CVE-2019-20063 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Dec 29, 2019 | hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json. | ||
| CVE-2019-20016 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Dec 27, 2019 | libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate | ||
| CVE-2019-16091 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Sep 8, 2019 | Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. | ||
| CVE-2019-16092 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Sep 8, 2019 | Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. | ||
| CVE-2019-16093 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Sep 8, 2019 | Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||
| CVE-2019-16094 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Sep 8, 2019 | Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | ||
| CVE-2019-16095 | — | < 0.9.1-bp152.4.3.1 | 0.9.1-bp152.4.3.1 | Sep 8, 2019 | Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c. |
- CVE-2020-36152Feb 8, 2021affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmysofa 0.5 - 1.1 allows attackers to execute arbitrary code via a crafted SOFA.
- CVE-2020-36151Feb 8, 2021affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
- CVE-2020-36150Feb 8, 2021affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
- CVE-2020-36149Feb 8, 2021affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
- CVE-2020-36148Feb 8, 2021affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in em
- CVE-2020-6860Jan 13, 2020affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
- CVE-2019-20063Dec 29, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
- CVE-2019-20016Dec 27, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate
- CVE-2019-16091Sep 8, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.
- CVE-2019-16092Sep 8, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.
- CVE-2019-16093Sep 8, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
- CVE-2019-16094Sep 8, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.
- CVE-2019-16095Sep 8, 2019affected < 0.9.1-bp152.4.3.1fixed 0.9.1-bp152.4.3.1
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.