Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 20 results


CVE-2020-18781

Medium priority
Not affected

Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-24599

Low priority

Some fixes available 7 of 9

In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the...

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed Fixed Fixed Fixed
Show less packages

CVE-2019-13147

Medium priority

Some fixes available 7 of 16

In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2linear_buf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Vulnerable Fixed Fixed Fixed Fixed
Show less packages

CVE-2018-17095

Medium priority

Some fixes available 3 of 5

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Not affected Not affected Fixed Fixed
Show less packages

CVE-2018-13440

Low priority

Some fixes available 3 of 6

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Not affected Not affected Fixed Fixed
Show less packages

CVE-2017-6828

Medium priority
Fixed

Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed
Show less packages

CVE-2017-6827

Medium priority
Fixed

Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed
Show less packages

CVE-2017-6839

Medium priority
Fixed

Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed
Show less packages

CVE-2017-6838

Medium priority
Fixed

Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed
Show less packages

CVE-2017-6837

Medium priority
Fixed

WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.

1 affected packages

audiofile

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
audiofile Fixed
Show less packages