PT-2023-13229 · Unknown+9 · Libsndfile+9

Pietroborrello

Publicado

2021-11-15

Atualizado

2026-05-01

CVE-2022-33065

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Libsndfile (affected versions not specified)

Description The issue is related to multiple signed integers overflow in the au read header function in src/au.c and in the mat4 open and mat4 read header functions in src/mat4.c of Libsndfile. This allows an attacker to cause Denial of Service or other unspecified impacts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALSA-2024:2184

ALSA-2024:3030

AZL-27647

AZL-34940

BDU:2025-03968

CESA-2024_3030

CVE-2022-33065

INFSA-2024_2184

INFSA-2024_3030

MGASA-2023-0310

OESA-2024-2157

OPENSUSE-SU-2023_4330-1

OPENSUSE-SU-2024:13348-1

RHSA-2024:2184

RHSA-2024:3030

RHSA-2024_2184

RHSA-2024_3030

SUSE-SU-2023:4330-1

SUSE-SU-2023:4331-1

SUSE-SU-2023_4330-1

SUSE-SU-2023_4331-1

USN-6471-1

Produtos afetados

Almalinux

Astra Linux

Centos

Debian

Libsndfile

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2023-13229 · Unknown+9 · Libsndfile+9

CVE-2022-33065

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51