CVE-2017-18189

Published: Feb 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://public-inbox.org/sox-devel/20171109114554.16297-1-mans%40mansr.com/raw

x_refsource_MISC

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121

x_refsource_MISC

[debian-lts-announce] 20190228 [SECURITY] [DLA 1695-1] sox security update

mailing-list

x_refsource_MLIST

RHSA-2019:2283

vendor-advisory

x_refsource_REDHAT

FEDORA-2020-1dfaa1963b

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-cb7b7181a0

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-18189

Description

Affected Products

References