CVE-2024-33429

Name of the Vulnerable Software and Affected Versions phiola version 2.0-rc22

Description The issue is a Buffer-Overflow vulnerability located at pcm convert.h:513. This vulnerability allows a remote attacker to execute arbitrary code via a crafted .wav file.

Recommendations For phiola version 2.0-rc22, consider disabling the functionality that handles .wav files until a patch is available. Restrict access to the pcm convert.h module to minimize the risk of exploitation. Avoid using the vulnerable function related to the pcm convert.h:513 line until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.