PT-2023-13229 · Unknown+9 · Libsndfile+9

Pietroborrello · Published 2021-11-15 · Updated 2026-05-01 · CVE-2022-33065

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Libsndfile (affected versions not specified)

Description

The issue is related to multiple signed integer overflows in the au_read_header function in src/au.c and in the mat4_open and mat4_read_header functions in src/mat4.c of Libsndfile. These allow an attacker to cause a Denial of Service or other unspecified impacts.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2024:2184
ALSA-2024:3030
AZL-27647
AZL-34940
BDU:2025-03968
CESA-2024_3030
CVE-2022-33065
INFSA-2024_2184
INFSA-2024_3030
MGASA-2023-0310
OESA-2024-2157
OPENSUSE-SU-2023_4330-1
OPENSUSE-SU-2024:13348-1
RHSA-2024:2184
RHSA-2024:3030
RHSA-2024_2184
RHSA-2024_3030
SUSE-SU-2023:4330-1
SUSE-SU-2023:4331-1
SUSE-SU-2023_4330-1
SUSE-SU-2023_4331-1
USN-6471-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Libsndfile
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu