CVE-2021-3643
Summary
| CVE | CVE-2021-3643 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-05-02 19:15:00 UTC |
|---|
| Updated | 2023-02-12 23:42:00 UTC |
|---|
| Description | A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Application |
Sox Project |
Sox |
14.4.1 |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| oss-security - Re: sox: patches for old vulnerabilities |
MLIST |
www.openwall.com |
|
| 1980626 – (CVE-2021-3643) CVE-2021-3643 sox: buffer overflow read vulnerability |
MISC |
bugzilla.redhat.com |
|
| [SECURITY] [DLA 3315-1] sox security update |
MLIST |
lists.debian.org |
|
| oss-security - sox: patches for old vulnerabilities |
MLIST |
www.openwall.com |
|
| oss-security - Re: sox: patches for old vulnerabilities |
MLIST |
www.openwall.com |
|
| oss-security - Re: sox: patches for old vulnerabilities |
MLIST |
www.openwall.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181553 Debian Security Update for sox (DLA 3315-1)
- 181674 Debian Security Update for sox (DSA 5356-1)
- 182266 Debian Security Update for sox (CVE-2021-3643)
- 199206 Ubuntu Security Notification for SoX Vulnerabilities (USN-5904-1)
- 503268 Alpine Linux Security Update for sox
- 506247 Alpine Linux Security Update for sox
