Language:

Information about definition

Identificator: INFCSA-2024:11237

Type: security

Release date: 2025-09-24 19:35:25 UTC

Information about package

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV.

Vulnerabilities description

CVE-2024-50612
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

Severity level

CVE	Score CVSS 2.0	Score CVSS 3.x	Score CVSS 4.0
NIST — CVE-2024-50612	no information	5.5	no information

Critical, important, moderate, low

Updated packages

Preparing to download...

Architecture: Download

INFCSA-2024:11237: libsndfile:1.0.31 security update