Back to search
CVE-2019-11498
Published: Apr 24, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/dbry/WavPack/issues/67
x_refsource_MISC
USN-3960-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2019-52145aa7ca
vendor-advisory
x_refsource_FEDORA
FEDORA-2019-b8a704ff4b
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-e55567b6be
vendor-advisory
x_refsource_FEDORA
FEDORA-2020-73274c9df4
vendor-advisory
x_refsource_FEDORA
GLSA-202007-19
vendor-advisory
x_refsource_GENTOO
[debian-lts-announce] 20210115 [SECURITY] [DLA 2525-1] wavpack security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now