CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 1CVE-2018-19841 – wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS
https://notcve.org/view.php?id=CVE-2018-19841
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. La función WavpackVerifySingleBlock en open_utils.c en libwavpack.a en WavPack hasta la versión 5.1.0 permite que los atacantes provoquen una denegación de servicio (lectura fuera de límites y cierre inesperado de la aplicación) mediante un archivo WavPack Lossless Audio manipulado, tal y como queda demostrado con wvunpack. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00029.html http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b https://github.com/dbry/WavPack/issues/54 https://lists.debian.org/debian-lts-announce/2021/01/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BLSOEVEKF4VNNVNZ2AN46BJUT4TGVWT https://lists.fedoraproject.org/archives/list/package • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10538
https://notcve.org/view.php?id=CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas WAV. Pueden ocurrir escrituras fuera de límites debido a que ParseRiffHeaderConfig en riff.c no valida los tamaños de los fragmentos desconocidos antes de intentar asignar memoria. Esto se relaciona con la falta de protección ante desbordamientos de enteros en un cálculo bytes_to_copy y una subsecuente llamada malloc, lo que conduce a una asignación de memoria insuficiente. • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d https://github.com/dbry/WavPack/issues/33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH https://seclists.org/bugtraq/2019/Dec/37 https://usn.ubuntu.com/3637-1 ht • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10540
https://notcve.org/view.php?id=CVE-2018-10540
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas W64. Pueden ocurrir escrituras fuera de límites debido a que ParseWave64HeaderConfig en wave64.c no valida los tamaños de los fragmentos desconocidos antes de intentar asignar memoria. Esto se relaciona con la falta de protección ante desbordamientos de enteros en un cálculo bytes_to_copy y una subsecuente llamada malloc, lo que conduce a una asignación de memoria insuficiente. • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d https://github.com/dbry/WavPack/issues/33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH https://seclists.org/bugtraq/2019/Dec/37 https://usn.ubuntu.com/3637-1 ht • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-10539
https://notcve.org/view.php?id=CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. Se ha descubierto un problema en WavPack 5.1.0 y anteriores para las entradas DSDiff. Pueden ocurrir escrituras fuera de límites debido a que ParseDsdiffHeaderConfig en dsdiff.c no valida los tamaños de los fragmentos desconocidos antes de intentar asignar memoria. Esto se relaciona con la falta de protección ante desbordamientos de enteros en un cálculo bytes_to_copy y una subsecuente llamada malloc, lo que conduce a una asignación de memoria insuficiente. • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d https://github.com/dbry/WavPack/issues/33 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH https://seclists.org/bugtraq/2019/Dec/37 https://usn.ubuntu.com/3637-1 ht • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-10537
https://notcve.org/view.php?id=CVE-2018-10537
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks. Se ha descubierto un problema en WavPack 5.1.0 y anteriores. El componente de analizador W64 contiene una vulnerabilidad que permite la escritura en la memoria debido a que ParseWave64HeaderConfig en wave64.c no rechaza múltiples fragmentos de formato. • http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15 https://github.com/dbry/WavPack/issues/30 https://github.com/dbry/WavPack/issues/31 https://github.com/dbry/WavPack/issues/32 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKK • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •