PT-2023-9305 · Espeak-Ng+6 · Espeak-Ng+6
Seu-Ssl
·
Publicado
2023-12-12
·
Atualizado
2025-05-31
·
CVE-2023-49994
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Espeak-ng version 1.52-dev
Description
The issue is related to a Floating Point Exception via the function
PeaksToHarmspect() at wavegen.c. This can potentially allow an attacker to cause a denial of service or execute arbitrary code due to improper memory management under certain circumstances.Recommendations
For Espeak-ng version 1.52-dev, consider disabling the
PeaksToHarmspect() function as a temporary workaround until a patch is available. Restrict access to the wavegen.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Astra Linux
Debian
Espeak-Ng
Linuxmint
Red Os
Suse
Ubuntu