Errata ID | 612 |
---|---|
Date | 2019-03-06 |
Source package | sox |
Fixed in version | 14.4.1-5+deb8u3 |
Description | This update addresses the following issues: * Two heap out-of-bounds access issues (CVE-2014-8145) * Divide by zero in function startread() in wav.c (CVE-2017-11332) * Invalid memory read in function read_samples() in hcom.c (CVE-2017-11358) * Divide by zero in function wavwritehdr() in wav.c (CVE-2017-11359) * Heap-based buffer overflow in the function ImaExpandS() of ima_rw.c (CVE-2017-15370) * Reachable assertion abort in the function sox_append_comment() (CVE-2017-15371) * Stack-based buffer overflow in the function lsx_ms_adpcm_block_expand_i() of adpcm.c (CVE-2017-15372) * Use-after-free in output_message, triggered by crafted aiff file (CVE-2017-15642) * Null pointer dereference caused by corrupt header specifying zero channels, sending read_channels() into an infinite loop (CVE-2017-18189) |
Additional notes | |
CVE ID | CVE-2014-8145 CVE-2017-15370 CVE-2017-15372 CVE-2017-18189 CVE-2017-15642 CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15371 |
UCS Bug number | #48870 |