Pietroborrello

**Name of the Vulnerable Software and Affected Versions** libsndfile version 1.2.2 **Description** An integer overflow exists in the IMA ADPCM codec within the WAV and close code paths. When the product of `samplesperblock` and `blocks` exceeds the maximum value of a 32-bit signed integer (INT MAX), a multiplication overflow occurs before the result is assigned to `sf.frames`. Because both `samplesperblock` and `blocks` are attacker-controlled values sourced from the WAV file header, this can lead to an incorrect frame count, resulting in a heap buffer overflow or denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Libsndfile version 1.1.0 **Description** An off-by-one error in the `wav read header` function in `src/wav.c` results in a write out of bounds, allowing an attacker to execute arbitrary code, cause a Denial of Service, or have other unspecified impacts. **Recommendations** For Libsndfile version 1.1.0, consider disabling the `wav read header` function until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lrzip version 0.651 **Description** The issue is related to multiple invalid arithmetic shifts in the functions `get magic` in lrzip.c and `Predictor::init` in libzpaq/libzpaq.cpp. This allows attackers to cause a Denial of Service via unspecified vectors. **Recommendations** For Lrzip version 0.651, consider disabling the `get magic` function and the `Predictor::init` function in libzpaq/libzpaq.cpp as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Harfbuzz version 4.3.0 **Description** The issue is related to an integer overflow in the hb-ot-shape-fallback.cc component of the Harfbuzz library, which can be exploited by attackers to cause a Denial of Service (DoS) via unspecified vectors. This can be achieved by sending specially crafted data to the application, resulting in an integer overflow and potentially leading to a crash. **Recommendations** For Harfbuzz version 4.3.0, consider updating to a newer version that includes a fix for the integer overflow issue in the hb-ot-shape-fallback.cc component. As a temporary workaround, restrict the input data to prevent specially crafted requests from causing the integer overflow.

**Name of the Vulnerable Software and Affected Versions** Ethereum Solidity version 0.8.14 **Description** The issue is related to an assertion failure in Ethereum Solidity, specifically via the `SMTEncoder::indexOrMemberAssignment()` function at `SMTEncoder.cpp`. **Recommendations** For Ethereum Solidity version 0.8.14, consider restricting the use of the `SMTEncoder::indexOrMemberAssignment()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Irzip version 0.640 **Description** The issue is related to a heap memory corruption in the lrzip.c:initialise control component. This corruption can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For Irzip version 0.640, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting the use of the lrzip.c:initialise control component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Libsndfile (affected versions not specified) **Description** The issue is related to multiple signed integers overflow in the `au read header` function in `src/au.c` and in the `mat4 open` and `mat4 read header` functions in `src/mat4.c` of Libsndfile. This allows an attacker to cause Denial of Service or other unspecified impacts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.