Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-14245 - log back

CVE-2017-14245 edited at 09 Feb 2021 10:03:39

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Information disclosure

Description

+	An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.

References

+	https://github.com/libsndfile/libsndfile/issues/317
+	https://github.com/libsndfile/libsndfile/pull/529
+	https://github.com/libsndfile/libsndfile/commit/2ccb23fe724d1d946b4e0c51b791cc655da6962e

Notes

CVE-2017-14245 created at 09 Feb 2021 09:51:29