CVE-2022-3165

Related Files

Ubuntu Security Notice USN-5904-2

Posted Mar 21, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5904-2 - USN-5904-1 fixed vulnerabilities in SoX. It was discovered that the fix for CVE-2021-33844 was incomplete. This update fixes the problem. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS.

tags | advisory, remote, denial of service, vulnerability

systems | linux, ubuntu

advisories | CVE-2019-13590, CVE-2021-33844, CVE-2022-31651

SHA-256 | 9eb608d1d81df98a62419fb66e125f081ea979dfda8e237aabfad17285322c4d

Download | Favorite | View

Ubuntu Security Notice USN-5904-1

Posted Mar 2, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5904-1 - Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2019-13590, CVE-2021-33844, CVE-2021-3643, CVE-2022-31651

SHA-256 | 204be9e8473638ed4720ed4085637c4cbfa4a6559a5bc7f2d05a72635d2fd8ef

Download | Favorite | View

Debian Security Advisory 5356-1

Posted Feb 21, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5356-1 - Multiple security issues were discovered in Sox, the Swiss Army knife of sound processing programs, which could result in denial of service or potentially the execution of arbitrary code if a malformed audio file is processed.

tags | advisory, denial of service, arbitrary

systems | linux, debian

advisories | CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, CVE-2022-31651

SHA-256 | 4547d5396d52db93554a168ee672328c338504ca678dde0458f28eb06373a9dd

Download | Favorite | View

Ubuntu Security Notice USN-5772-1

Posted Dec 12, 2022

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5772-1 - It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that QEMU did not properly manage memory when it transfers the USB packets. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2021-3682, CVE-2021-3750, CVE-2021-3930, CVE-2022-0216, CVE-2022-2962, CVE-2022-3165

SHA-256 | 768024681dfd9068a64b260049ff17b38a9319596abe4a29fe8b4d7a96a0987a

Download | Favorite | View