An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-15T23:00:00
Updated: 2019-08-02T02:06:05
Reserved: 2019-02-15T00:00:00
Link: CVE-2019-8355
JSON object: View
NVD Information
Status : Modified
Published: 2019-02-15T23:29:00.307
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-8355
JSON object: View
Redhat Information
No data.