Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2017-8365 - log back

CVE-2017-8365 edited at 09 Feb 2021 09:59:40

Severity

-	Unknown
+	Low

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Denial of service

Description

+	The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.

References

+	https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/
+	https://github.com/libsndfile/libsndfile/issues/230
+	https://github.com/libsndfile/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3

Notes

CVE-2017-8365 created at 09 Feb 2021 09:51:29