PT-2026-35949 · Unknown+1 · Libsndfile+1

Pietroborrello · Published 2026-04-29 · Updated 2026-05-20 · CVE-2026-37555

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

libsndfile version 1.2.2

Description

An integer overflow exists in the IMA ADPCM codec within the WAV and close code paths. When the product of samplesperblock and blocks exceeds the maximum value of a 32-bit signed integer (INT_MAX), a multiplication overflow occurs before the result is assigned to sf.frames. Because both samplesperblock and blocks are attacker-controlled values sourced from the WAV file header, this can lead to an incorrect frame count, resulting in a heap buffer overflow or denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
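
The arithmetic pattern from the Description, as an added C example (not libsndfile source and not part of the advisory): a 32-bit product of the two header fields beside a widened, validated one. The function names are hypothetical, and a 64-bit destination for the frame count is an assumption.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative only. samplesperblock and blocks are the header-derived
 * fields named in the advisory; everything else here is hypothetical. */

/* Unsafe pattern: the product is formed in 32 bits and widened afterwards.
 * Signed overflow is undefined behaviour in C, so the usual two's-complement
 * wraparound is emulated here with well-defined unsigned arithmetic. */
int64_t frames_unchecked(int samplesperblock, int blocks)
{
    uint32_t wrapped = (uint32_t) samplesperblock * (uint32_t) blocks;

    /* Reinterpret the low 32 bits as a signed value, then widen. */
    if (wrapped > (uint32_t) INT32_MAX)
        return (int64_t) wrapped - 4294967296LL;
    return (int64_t) wrapped;
}

/* Safer pattern: validate the header fields, widen BEFORE multiplying.
 * Two non-negative ints cannot overflow a 64-bit product.
 * Returns 0 on success, -1 if the header values are not plausible. */
int frames_checked(int samplesperblock, int blocks, int64_t *frames)
{
    if (samplesperblock <= 0 || blocks < 0)
        return -1;
    *frames = (int64_t) samplesperblock * (int64_t) blocks;
    return 0;
}

int main(void)
{
    /* Constructed header values; the last two products exceed INT_MAX. */
    const int cases[][2] = { {505, 100}, {65536, 32768}, {65536, 65536} };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int64_t good = 0;
        int rc = frames_checked(cases[i][0], cases[i][1], &good);
        printf("spb=%d blocks=%d unchecked=%lld checked=%lld (rc=%d)\n",
               cases[i][0], cases[i][1],
               (long long) frames_unchecked(cases[i][0], cases[i][1]),
               (long long) good, rc);
    }
    return 0;
}
```

A frame count that wraps to zero or a negative value no longer matches the amount of audio data the file describes, which is the mismatch the Description ties to the heap buffer overflow and denial of service.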

Exploit

DoS

Integer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2026:19559
ALSA-2026:19560
ALSA-2026:19610
CVE-2026-37555
ECHO-784A-04F4-95B4
OPENSUSE-SU-2026:10730-1
RHSA-2026:19559
RHSA-2026:19560
RHSA-2026:19610

Affected Products

Rocky Linux
Libsndfile