INFSA-2024:3030: libsndfile security update
Information about definition
Identificator: INFSA-2024:3030
Type: security
Release date: 2024-08-23 19:42:49 UTC
Information about package
libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV.
Vulnerabilities description
- CVE-2022-33065
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-33065
|
no information | 7.8 | no information |
Updated packages