Project

General

Profile

Bug #6816

wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
-
Start date:
02/06/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

CVE-2016-10169: global buffer overread in read_code / read_words.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10170: Heap out of bounds read in WriteCaffHeader / caff.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10171: heap out of bounds read in unreorder_channels / wvunpack.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10172: Heap out of bounds read in read_new_config_info / open_utils.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc


Subtasks

Bug #6817: [3.6] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)ClosedNatanael Copa

Bug #6818: [3.5] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)ClosedNatanael Copa

Bug #6819: [3.4] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)ClosedNatanael Copa

Bug #6820: [3.3] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)ClosedNatanael Copa

Bug #6821: [3.2] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)ClosedNatanael Copa

History

#1 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF