PT-2017-14648 · Erik De Castro Lopo+3 · Libsndfile+3

Published

2016-11-14

Updated

2021-01-26

CVE-2017-16942

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libsndfile version 1.0.25

Description A divide-by-zero error exists in the function wav w64 read fmt chunk() in wav w64.c, which may lead to denial of service when playing a crafted audio file.

Recommendations For libsndfile version 1.0.25, update to version 1.0.26 to resolve the issue.

Fix

DoS

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

ALT-PU-2016-2286

CVE-2017-16942

MGASA-2018-0236

SUSE-SU-2018:0351-1

SUSE-SU-2018:0352-1

USN-4013-1

USN-4704-1

Affected Products

Alt Linux

Suse

Ubuntu

Libsndfile

PT-2017-14648 · Erik De Castro Lopo+3 · Libsndfile+3

CVE-2017-16942

Weakness Enumeration

Related Identifiers

Affected Products

References · 45