[3.2] libsndfile: Heap overflow vulnerability when parsing specially crafted AIFF header (CVE-2015-7805)
A heap-based buffer overflow vulnerability was found in libsndfile.
The vulnerability is based on the wrong management of the headindex and headend values.
While parsing a specially crafted AIFF header, the attacker can manage index values in order to use memcpy(…) to overwrite heap memory.
Affected versions:
<= 1.0.25
References:
http://seclists.org/oss-sec/2015/q4/216
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7805
https://www.exploit-db.com/exploits/38447/
(from redmine: issue id 4940, created on 2015-12-10, closed on 2015-12-30)
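The bug class described above, shown as an added example that is not libsndfile's code or the upstream fix: a header staging buffer with a read cursor and an end cursor (standing in for headindex and headend), where every memcpy is preceded by a check of the invariant index <= end <= capacity. The struct, the function names, `HDR_CAP` and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HDR_CAP 64 /* assumed staging-buffer size, not libsndfile's */

/* Simplified model of a header buffer. Invariant: index <= end <= HDR_CAP. */
struct hdr_buf {
    unsigned char data[HDR_CAP];
    size_t index; /* next byte to consume (models headindex) */
    size_t end;   /* number of valid staged bytes (models headend) */
};

/* Constructed sample: FORM tag, 4-byte length, AIFF form type. */
static const unsigned char sample[12] = {'F','O','R','M',0,0,0,4,'A','I','F','F'};

/* Stage n bytes from the file; reject anything that would pass HDR_CAP. */
static int hdr_fill(struct hdr_buf *h, const void *src, size_t n)
{
    if (h->end > HDR_CAP || n > HDR_CAP - h->end) return -1;
    memcpy(h->data + h->end, src, n);
    h->end += n;
    return 0;
}

/* Copy n staged bytes to dst (capacity dst_cap); both sides are bounded. */
static int hdr_read(struct hdr_buf *h, void *dst, size_t dst_cap, size_t n)
{
    if (h->end > HDR_CAP || h->index > h->end) return -1;
    if (n > h->end - h->index || n > dst_cap) return -1;
    memcpy(dst, h->data + h->index, n);
    h->index += n;
    return 0;
}

/* Advance the cursor by a length field taken from the file, never past end. */
static int hdr_skip(struct hdr_buf *h, size_t n)
{
    if (h->end > HDR_CAP || h->index > h->end || n > h->end - h->index) return -1;
    h->index += n;
    return 0;
}

int main(void)
{
    struct hdr_buf h = {0};
    hdr_fill(&h, sample, sizeof sample);
    printf("skip by declared length 0xFFFFFFF0: %d\n", hdr_skip(&h, 0xFFFFFFF0u));
    return 0;
}
```

The subtractions are written as `HDR_CAP - h->end` and `h->end - h->index` only after the ordering checks, so an oversized length cannot wrap the comparison.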
- Relations:
- parent #4939 (closed)
- Changesets:
- Revision cec9e658 by Natanael Copa on 2015-12-16T12:27:52Z:
main/libsndfile: security upgrade to 1.0.26 (CVE-2015-7805)
fixes #4940