An out-of-bounds write vulnerability exists in the madrflacdecode_sampleslpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
{
"unresolved_ranges": [
{
"source": "AFFECTED_FIELD",
"extracted_events": [
{
"introduced": "v0.11.21"
},
{
"last_affected": "v0.11.21"
}
]
}
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41147.json",
"cwe_ids": [
"CWE-122"
],
"cna_assigner": "talos"
}