CVE-2021-3246 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Arbitrary code execution
Description	A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile before version 1.1.0 allows attackers to execute arbitrary code via a crafted WAV file.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2186	lib32-libsndfile	1.0.31-1		Medium	Vulnerable
AVG-2185	libsndfile	1.0.31-1	1.1.0-1	Medium	Fixed

References
https://github.com/libsndfile/libsndfile/issues/687 https://oss-fuzz.com/testcase-detail/5696502087024640 https://github.com/libsndfile/libsndfile/pull/707 https://github.com/libsndfile/libsndfile/commit/9e0e55f8bfa60bddca083ff85699f855c91c42e7

References

https://github.com/libsndfile/libsndfile/issues/687
https://oss-fuzz.com/testcase-detail/5696502087024640
https://github.com/libsndfile/libsndfile/pull/707
https://github.com/libsndfile/libsndfile/commit/9e0e55f8bfa60bddca083ff85699f855c91c42e7