CVE-2022-31651

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions SoX version 14.4.2

Description The issue is related to an assertion failure in the rate init function within the rate.c component of the SoX audio editor. This failure is due to insufficient use of the assert() function. Exploitation of this issue could allow a remote attacker to cause a denial of service.

Recommendations For SoX version 14.4.2, consider disabling the rate init function as a temporary workaround until a patch is available. Restrict access to the rate.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

ALT-PU-2024-6289

ALT-PU-2024-6378

ALT-PU-2024-6855

ALT-PU-2024-6966

AZL-43648

AZL-45120

BDU:2023-01723

CVE-2022-31651

DLA-3315-1

DLA-3315-2

DSA-5356-1

DSA-5356-2

MGASA-2023-0059

OPENSUSE-SU-2023:0328-1

OPENSUSE-SU-2023:0329-1

OPENSUSE-SU-2024:13359-1

ROSA-SA-2025-2668

USN-5904-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Sox

Ubuntu

CVE-2022-31651

Weakness Enumeration

Related Identifiers

Affected Products

References · 62