SB2022071110 - Denial of service in Wavpack
Published: July 11, 2022 Updated: November 17, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2021-44269)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when processing *.WAV files within the WavpackPackSamples() function in src/pack_utils.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and crash the application.
2) NULL pointer dereference (CVE-ID: CVE-2022-2476)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the WavePack's main() function at cli/wvunpack.c. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://github.com/dbry/WavPack/issues/110
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRZWZKEEABCLVXZEXQZBIT3ZKLIXVFF5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CZUFTX3J4Y4OSRITG4PXCI7NRVFDYVQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQKOOJRI2VAPYS3652HVDXON723HTXBP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5B7L26LA6KGX7YH6SWD5CSBNWKV5MBO/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I54NXQZELBF42OL4KQZJJRAYZX7IPZXP/
- https://github.com/dbry/WavPack/issues/121
- https://bugzilla.redhat.com/show_bug.cgi?id=2110455
- https://github.com/dbry/WavPack/commit/25b4a2725d8568212e7cf89ca05ca29d128af7ac