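In WavPack 5.1.0, the ParseDsdiffHeaderConfig function in cli/dsdiff.c allows a remote attacker to cause a denial of service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file (CVE-2018-7253). The two signatures below, one line-based and one function-based, both target cli/dsdiff.c and cite the same upstream commit as their source.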
[
{
"digest": {
"line_hashes": [
"81332561189786647624362732108474924916",
"252273718220831402351615931267967076331",
"170544926138746867049186387820673304091",
"245929849587120000166047487591166708931"
],
"threshold": 0.9
},
"target": {
"file": "cli/dsdiff.c"
},
"signature_type": "Line",
"id": "CVE-2018-7253-5c2dcc3c",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/dbry/wavpack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec"
},
{
"digest": {
"length": 6317.0,
"function_hash": "228216815797683513329737268913628450895"
},
"target": {
"file": "cli/dsdiff.c",
"function": "ParseDsdiffHeaderConfig"
},
"signature_type": "Function",
"id": "CVE-2018-7253-c1bfef83",
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/dbry/wavpack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec"
}
]