[manjaro-security] [arch-security] [ASA-201602-9] lib32-libsndfile: multiple issues

Christian Rebischke Chris.Rebischke at archlinux.org
Sat Feb 6 13:48:16 CET 2016

Arch Linux Security Advisory ASA-201602-8

Severity: Medium
Date    : 2016-02-06
CVE-ID  : CVE-2014-9496 CVE-2014-9756 CVE-2015-7805
Package : lib32-libsndfile
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE


The package lib32-libsndfile before version 1.0.26-1 is vulnerable to
multiple issues including denial of service and unspecified impact. 


Upgrade to 1.0.26-1.

# pacman -Syu "lib32-libsndfile>=1.0.26-1"

The problems have been fixed upstream in version 1.0.26.




- CVE-2014-9496 (unspecified impact) 
The sd2_parse_rsrc_fork function in sd2.c in lib32-libsndfile allows
attackers to have unspecified impact via vectors related to a (1) map offset
or (2) rsrc marker, which triggers an out-of-bounds read.

- CVE-2014-9756 (denial of service) 
The psf_fwrite function in file_io.c in lib32-libsndfile allows attackers to
cause a denial of service (divide-by-zero error and application crash) via
unspecified vectors related to the headindex variable.

- CVE-2015-7805 (unspecified impact) 
Heap-based buffer overflow in lib32-libsndfile 1.0.25 allows remote
attackers to have unspecified impact via the headindex value in the header
in an AIFF file.


A remote attacker could be able to have unspecified impact on the running
application. Furthermore a local attacker is able to crash the running
application by causing a divide-by-zero error.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20160206/f57b2b67/attachment.pgp>

More information about the manjaro-security mailing list