PT-2017-14687 · Aubio · Aubio

My123Pxo

Published

2017-11-29

Updated

2022-05-17

CVE-2017-17054

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions aubio version 0.4.6

Description A divide-by-zero error exists in the function new aubio source wavread() in source wavread.c, which may lead to Denial of Service (DoS) when playing a crafted audio file.

Recommendations For aubio version 0.4.6, consider disabling the new aubio source wavread() function until a patch is available to prevent potential DoS attacks when playing crafted audio files.

Fix

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-369

Related Identifiers

CVE-2017-17054

GHSA-VCWX-8MQH-2557

MGASA-2018-0194

OPENSUSE-SU-2024:10638-1

PYSEC-2017-75

Affected Products

Aubio

PT-2017-14687 · Aubio · Aubio

CVE-2017-17054

Weakness Enumeration

Related Identifiers

Affected Products

References · 18