CVE-2017-6892

In libsndfile version 1.0.28, an error in the "aiffreadchanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file.

References

Affected packages

Git / github.com/erikd/libsndfile

Affected ranges

Type: GIT
Repo: https://github.com/erikd/libsndfile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Git / github.com/libsndfile/libsndfile

Affected ranges

Type: GIT
Repo: https://github.com/libsndfile/libsndfile
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f833c53cb596e9e1792949f762e0b33661822748

Affected versions

1.*

1.0.25

1.0.26

1.0.27

1.0.28

Database specific

vanir_signatures

[
    {
        "id": "CVE-2017-6892-55444977",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "276301945435074693087199541020521119743",
                "14628834658780185090095273237249298359",
                "53720112706389092750735275414534677008",
                "121306659812678256522025238680806655238"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "src/aiff.c"
        },
        "source": "https://github.com/libsndfile/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748"
    },
    {
        "id": "CVE-2017-6892-71c78636",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "331773818688109379266732464428607689228",
            "length": 729.0
        },
        "target": {
            "file": "src/aiff.c",
            "function": "aiff_read_chanmap"
        },
        "source": "https://github.com/libsndfile/libsndfile/commit/f833c53cb596e9e1792949f762e0b33661822748"
    }
]