In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.
References
Configurations
History
24 Jun 2021, 15:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sound_exchange_project:sound_exchange:*:*:*:*:*:*:*:* |
Information
Published : 2018-02-15 10:29
Updated : 2024-02-04 19:46
NVD link : CVE-2017-18189
Mitre link : CVE-2017-18189
CVE.ORG link : CVE-2017-18189
JSON object : View
Products Affected
sound_exchange_project
- sound_exchange
debian
- debian_linux
CWE
CWE-476
NULL Pointer Dereference