PT-2022-6490 · Sox+4 · Sox+4

Han Zheng

Published

2022-05-25

Updated

2025-06-27

CVE-2022-31650

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SoX version 14.4.2

Description The issue is related to a floating-point exception in the lsx aiffstartwrite function in aiff.c in libsox.a. This vulnerability is associated with insufficient comparison, which may allow a remote attacker to cause a denial of service.

Recommendations For SoX version 14.4.2, consider disabling the lsx aiffstartwrite function as a temporary workaround until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-697

Related Identifiers

ALT-PU-2024-6289

ALT-PU-2024-6378

ALT-PU-2024-6855

ALT-PU-2024-6966

AZL-43666

AZL-45270

BDU:2023-01722

CVE-2022-31650

DLA-3315-1

DLA-3315-2

DSA-5356-1

DSA-5356-2

MGASA-2023-0059

OPENSUSE-SU-2023:0328-1

OPENSUSE-SU-2023:0329-1

OPENSUSE-SU-2024:13359-1

ROSA-SA-2025-2668

USN-5904-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Sox

Ubuntu

PT-2022-6490 · Sox+4 · Sox+4

CVE-2022-31650

Weakness Enumeration

Related Identifiers

Affected Products

References · 61