Libsndfile

libsndfile

CVEs (32)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-37555 1Libsndfile Project 1Libsndfile May 1, 2026 Apr 29, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int)...Show more An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065.Show less
CVE-2025-56226 1Libsndfile Project 1Libsndfile Jan 21, 2026 Jan 14, 2026 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.
CVE-2025-52194 1Libsndfile Project 1Libsndfile Sep 11, 2025 Aug 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:1...Show more A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.Show less
CVE-2024-50613 1Libsndfile Project 1Libsndfile Oct 31, 2024 Oct 27, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.
CVE-2024-50612 1Libsndfile Project 1Libsndfile Nov 5, 2024 Oct 27, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
CVE-2022-33065 1Libsndfile Project 1Libsndfile Nov 21, 2024 Jul 18, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified imp...Show more Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.Show less
CVE-2022-33064 1Libsndfile Project 1Libsndfile Nov 21, 2024 Jul 18, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.
CVE-2021-4156 2Debian Libsndfile Project 2Debian Linux Libsndfile Dec 11, 2025 Mar 23, 2022 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfil...Show more An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.Show less
CVE-2021-3246 3Debian FedoraprojectLibsndfile Project 3Debian Linux FedoraLibsndfile Nov 21, 2024 Jul 20, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
CVE-2019-3832 3Canonical DebianLibsndfile Project 3Debian Linux LibsndfileUbuntu Linux Nov 21, 2024 Mar 21, 2019 N/A· v4 5.5 MEDIUM· v3 1.9 LOW· v2 It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the app...Show more It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.Show less
CVE-2018-19758 2Debian Libsndfile Project 2Debian Linux Libsndfile Nov 21, 2024 Nov 30, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.
CVE-2018-19662 2Debian Libsndfile Project 2Debian Linux Libsndfile Nov 21, 2024 Nov 29, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
CVE-2018-19661 2Debian Libsndfile Project 2Debian Linux Libsndfile Nov 21, 2024 Nov 29, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.
CVE-2018-19432 2Debian Libsndfile Project 2Debian Linux Libsndfile Nov 21, 2024 Nov 22, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.
CVE-2018-13419 1Libsndfile Project 1Libsndfile Nov 21, 2024 Jul 7, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue
CVE-2018-13139 2Debian Libsndfile Project 2Debian Linux Libsndfile Nov 21, 2024 Jul 4, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. Th...Show more A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave.Show less
CVE-2017-16942 1Libsndfile Project 1Libsndfile May 13, 2026 Nov 25, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file.
CVE-2017-14246 2Debian Libsndfile Project 2Debian Linux Libsndfile May 13, 2026 Sep 21, 2017 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14245 2Debian Libsndfile Project 2Debian Linux Libsndfile May 13, 2026 Sep 21, 2017 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values.
CVE-2017-14634 2Debian Libsndfile Project 2Debian Linux Libsndfile May 13, 2026 Sep 21, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file.

12 Next