Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 5 Oct 2015 21:03:19 -0700
From: Seth Arnold <seth.arnold@...onical.com>
To: oss-security@...ts.openwall.com
Cc: michael@....org, security@...ntu.com
Subject: CVE Request: Audio File Library

Hello MITRE, all,

Fabrizio Gennari reported an issue in The Audio File library to the Ubuntu
bugtracker:
https://bugs.launchpad.net/ubuntu/+source/audiofile/+bug/1502721

His description included, in part:

        When libaudiofile is used to change both the number of channels of
	an audio file (e.g. from stereo to mono) and the sample format
	(e.g. from 16-bit samples to 8-bit samples), the output file will
	contain corrupted data.

	If the new sample format is smaller than the old one, there is a
	risk of buffer overflow: e.g. when the input file has 16-bit
	samples and the output file has 8-bit samples, afReadFrames will
	treat the buffer to read the samples (argument void *data) as a
	pointer to int16_t instead of int8_t, therefore it will write past
	its end.

He proposed a solution and test case to the Audio File library:
https://github.com/mpruett/audiofile/pull/25/files

Please assign a CVE as appropriate.

Thanks

Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ