#VU69350 Division by zero in speex - CVE-2020-23903

Cybersecurity Help s.r.o.

Published: 2022-11-15 | Updated: 2024-08-27

Vulnerability identifier: #VU69350

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-23903

CWE-ID: CWE-369

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
speex
Other software / Other software solutions

Vendor: www.speex.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when handling .wav files. A remote attacker can trick the victim into opening a specially crafted .wav file and crash the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

speex: 0.0.1 - 1.1.12

External links
https://github.com/xiph/speex/issues/13
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3SEV2ZRR47GSD3M7O5PH4XEJMKJJNG2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LXCRAYNW5ESCE2PIGTUXZNZHNYFLJ6PX/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Division by zero in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data

Multiple vulnerabilities in Oracle Solaris third-party software

Red Hat Enterprise Linux 9 update for speex

Multiple vulnerabilities in Oracle Linux

openEuler update for speex

Ubuntu update for speex

SUSE update for speex

Fedora 34 update for mingw-speex

Fedora 35 update for mingw-speex