ArchLinux: 201602-9: lib32-libsndfile: multiple issues
Summary
- CVE-2014-9496 (unspecified impact)
The sd2_parse_rsrc_fork function in sd2.c in lib32-libsndfile allows
attackers to have unspecified impact via vectors related to a (1) map offset
or (2) rsrc marker, which triggers an out-of-bounds read.
- CVE-2014-9756 (denial of service)
The psf_fwrite function in file_io.c in lib32-libsndfile allows attackers to
cause a denial of service (divide-by-zero error and application crash) via
unspecified vectors related to the headindex variable.
- CVE-2015-7805 (unspecified impact)
Heap-based buffer overflow in lib32-libsndfile 1.0.25 allows remote
attackers to have unspecified impact via the headindex value in the header
in an AIFF file.
Resolution
Upgrade to 1.0.26-1.
# pacman -Syu "lib32-libsndfile>=1.0.26-1"
The problems have been fixed upstream in version 1.0.26.
References
https://access.redhat.com/security/cve/CVE-2014-9496 https://access.redhat.com/security/cve/CVE-2014-9756 https://access.redhat.com/security/cve/CVE-2015-7805
Workaround
None.