Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-10538

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/dbr...
MISC: https://github.com/dbr...
UBUNTU: USN-3637-1
DEBIAN: DSA-4197
BUGTRAQ: 20191219 [slackware-se...
MISC: http://packetstormsecu...
FEDORA: FEDORA-2020-e55567b6be
FEDORA: FEDORA-2020-73274c9df4

Launchpad.net

CVE 2018-10538

Related bugs

References