libsndfile-1.0.28-10.el8.1
エラータID: AXSA:2021-2382:01
Release date:
Tuesday, August 24, 2021 - 10:51
Subject:
libsndfile-1.0.28-10.el8.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV.
Security Fix(es):
* libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-3246
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
Solution:
Update packages.
CVEs:
CVE-2021-3246
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
Additional Info:
N/A
Download:
SRPMS
- libsndfile-1.0.28-10.el8.1.src.rpm
MD5: 6477be4233d3e15cd9bb23ee228a5459
SHA-256: d6d7ed4d16da3345ca1add2fd4fffba125a5b864d52036b2285855ade6a9c967
Size: 1.17 MB
Asianux Server 8 for x86_64
- libsndfile-1.0.28-10.el8.1.x86_64.rpm
MD5: fdfc418a9f530f569cfa8d732d02a140
SHA-256: 1ac28f3121280357e0473cc3d7488f50fc9e556ca7926962750a151cc37f6231
Size: 192.17 kB - libsndfile-1.0.28-10.el8.1.i686.rpm
MD5: d9237a39748adeb899a7767f492c8c15
SHA-256: b1f13eb7f751457eee2d04d359b8c074df9d3ebcc98b2be75f13fde7bba1ea74
Size: 216.51 kB