CVE-2019-3832 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Information disclosure
Description	It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1550	lib32-libsndfile	1.0.28-3	1.0.31-1	Medium	Fixed	FS#57434
AVG-1549	libsndfile	1.0.28-3	1.0.31-1	Medium	Fixed	FS#57434

References
https://github.com/libsndfile/libsndfile/issues/456 https://github.com/libsndfile/libsndfile/pull/460 https://github.com/libsndfile/libsndfile/commit/6d7ce94c020cc720a6b28719d1a7879181790008