Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2024-50612
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50612
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50612.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50612
Downstream
BELL-CVE-2024-50612
DEBIAN-CVE-2024-50612
DLA-4287-1
OESA-2024-2559
RHSA-2024:11172
RHSA-2024:11192
RHSA-2024:11237
RLSA-2024:11192
UBUNTU-CVE-2024-50612
USN-7267-1
USN-7267-2
USN-7273-1
openSUSE-SU-2024:14532-1
Related
ALSA-2024:11192
ALSA-2024:11237
MGASA-2024-0373
RLSA-2024:11237
openSUSE-SU-2024:14532-1
Published
2024-10-27T22:15:03Z
Modified
2025-09-19T15:11:14.465037Z
Severity
5.5 (Medium)
CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
[none]
Details
libsndfile through 1.2.2 has an ogg
vorbis.c vorbis
analysis_wrote out-of-bounds read.
References
https://github.com/libsndfile/libsndfile/issues/1035
https://security.alpinelinux.org/vuln/CVE-2024-50612
Affected packages
Alpine:v3.18
libsndfile
Package
Name
libsndfile
Purl
pkg:apk/alpine/libsndfile?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.2.2-r1
Affected versions
1.*
1.0.19-r0
1.0.20-r0
1.0.21-r0
1.0.21-r1
1.0.21-r2
1.0.21-r3
1.0.22-r0
1.0.23-r0
1.0.23-r1
1.0.24-r0
1.0.24-r1
1.0.25-r0
1.0.25-r1
1.0.25-r2
1.0.25-r3
1.0.26-r0
1.0.27-r0
1.0.28-r0
1.0.28-r1
1.0.28-r2
1.0.28-r3
1.0.28-r4
1.0.28-r5
1.0.28-r6
1.0.28-r7
1.0.28-r8
1.0.29-r0
1.0.29-r1
1.0.31-r0
1.0.31-r1
1.1.0-r0
1.1.0-r1
1.1.0-r2
1.1.0-r3
1.2.0-r0
1.2.0-r1
1.2.0-r2
1.2.2-r0
Alpine:v3.19
libsndfile
Package
Name
libsndfile
Purl
pkg:apk/alpine/libsndfile?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.2.2-r1
Affected versions
1.*
1.0.19-r0
1.0.20-r0
1.0.21-r0
1.0.21-r1
1.0.21-r2
1.0.21-r3
1.0.22-r0
1.0.23-r0
1.0.23-r1
1.0.24-r0
1.0.24-r1
1.0.25-r0
1.0.25-r1
1.0.25-r2
1.0.25-r3
1.0.26-r0
1.0.27-r0
1.0.28-r0
1.0.28-r1
1.0.28-r2
1.0.28-r3
1.0.28-r4
1.0.28-r5
1.0.28-r6
1.0.28-r7
1.0.28-r8
1.0.29-r0
1.0.29-r1
1.0.31-r0
1.0.31-r1
1.1.0-r0
1.1.0-r1
1.1.0-r2
1.1.0-r3
1.2.0-r0
1.2.0-r1
1.2.0-r2
1.2.0-r3
1.2.2-r0
Alpine:v3.20
libsndfile
Package
Name
libsndfile
Purl
pkg:apk/alpine/libsndfile?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.2.2-r1
Affected versions
1.*
1.0.19-r0
1.0.20-r0
1.0.21-r0
1.0.21-r1
1.0.21-r2
1.0.21-r3
1.0.22-r0
1.0.23-r0
1.0.23-r1
1.0.24-r0
1.0.24-r1
1.0.25-r0
1.0.25-r1
1.0.25-r2
1.0.25-r3
1.0.26-r0
1.0.27-r0
1.0.28-r0
1.0.28-r1
1.0.28-r2
1.0.28-r3
1.0.28-r4
1.0.28-r5
1.0.28-r6
1.0.28-r7
1.0.28-r8
1.0.29-r0
1.0.29-r1
1.0.31-r0
1.0.31-r1
1.1.0-r0
1.1.0-r1
1.1.0-r2
1.1.0-r3
1.2.0-r0
1.2.0-r1
1.2.0-r2
1.2.0-r3
1.2.2-r0
Alpine:v3.21
libsndfile
Package
Name
libsndfile
Purl
pkg:apk/alpine/libsndfile?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.2.2-r2
Affected versions
1.*
1.0.19-r0
1.0.20-r0
1.0.21-r0
1.0.21-r1
1.0.21-r2
1.0.21-r3
1.0.22-r0
1.0.23-r0
1.0.23-r1
1.0.24-r0
1.0.24-r1
1.0.25-r0
1.0.25-r1
1.0.25-r2
1.0.25-r3
1.0.26-r0
1.0.27-r0
1.0.28-r0
1.0.28-r1
1.0.28-r2
1.0.28-r3
1.0.28-r4
1.0.28-r5
1.0.28-r6
1.0.28-r7
1.0.28-r8
1.0.29-r0
1.0.29-r1
1.0.31-r0
1.0.31-r1
1.1.0-r0
1.1.0-r1
1.1.0-r2
1.1.0-r3
1.2.0-r0
1.2.0-r1
1.2.0-r2
1.2.0-r3
1.2.2-r0
1.2.2-r1
Alpine:v3.22
libsndfile
Package
Name
libsndfile
Purl
pkg:apk/alpine/libsndfile?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.2.2-r2
Affected versions
1.*
1.0.19-r0
1.0.20-r0
1.0.21-r0
1.0.21-r1
1.0.21-r2
1.0.21-r3
1.0.22-r0
1.0.23-r0
1.0.23-r1
1.0.24-r0
1.0.24-r1
1.0.25-r0
1.0.25-r1
1.0.25-r2
1.0.25-r3
1.0.26-r0
1.0.27-r0
1.0.28-r0
1.0.28-r1
1.0.28-r2
1.0.28-r3
1.0.28-r4
1.0.28-r5
1.0.28-r6
1.0.28-r7
1.0.28-r8
1.0.29-r0
1.0.29-r1
1.0.31-r0
1.0.31-r1
1.1.0-r0
1.1.0-r1
1.1.0-r2
1.1.0-r3
1.2.0-r0
1.2.0-r1
1.2.0-r2
1.2.0-r3
1.2.2-r0
1.2.2-r1
Git
github.com/erikd/libsndfile
Affected ranges
Type
GIT
Repo
https://github.com/erikd/libsndfile
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
72f6af15e8f85157bd622ed45b979025828b7001
Affected versions
1.*
1.0.25
1.0.26
1.0.27
1.0.28
1.0.31
1.1.0
1.1.0beta1
1.1.0beta2
1.2.0
1.2.1
1.2.2
v1.*
v1.0.29
v1.0.30
CVE-2024-50612 - OSV