FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libsndfile -- out-of-bounds read memory access

Affected packages
libsndfile < 1.0.29.p.20200620

Details

VuXML ID 086c96cd-d0cb-11ea-b922-5404a68ad561
Discovery 2019-02-14
Entry 2020-07-28

RedHat reports:

It was discovered the fix for CVE-2018-19758 was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.

References

URL https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3832