CVE-2018-19758 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Information disclosure
Description	There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1550	lib32-libsndfile	1.0.28-3	1.0.31-1	Medium	Fixed	FS#57434
AVG-1549	libsndfile	1.0.28-3	1.0.31-1	Medium	Fixed	FS#57434

References
https://bugzilla.redhat.com/show_bug.cgi?id=1643812 https://github.com/libsndfile/libsndfile/issues/435 https://github.com/libsndfile/libsndfile/pull/439 https://github.com/libsndfile/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e

References

https://bugzilla.redhat.com/show_bug.cgi?id=1643812
https://github.com/libsndfile/libsndfile/issues/435
https://github.com/libsndfile/libsndfile/pull/439
https://github.com/libsndfile/libsndfile/commit/42132c543358cee9f7c3e9e9b15bb6c1063a608e