soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. This attack appear to be exploitable via victim must open maliocius file in soundstretch utility.
{ "binaries": [ { "binary_name": "libsoundtouch-dev", "binary_version": "1.7.1-5ubuntu0.1~esm1" }, { "binary_name": "libsoundtouch0", "binary_version": "1.7.1-5ubuntu0.1~esm1" }, { "binary_name": "soundstretch", "binary_version": "1.7.1-5ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "libsoundtouch-dev", "binary_version": "1.9.2-2+deb9u1ubuntu0.1~esm1" }, { "binary_name": "libsoundtouch1", "binary_version": "1.9.2-2+deb9u1ubuntu0.1~esm1" }, { "binary_name": "soundstretch", "binary_version": "1.9.2-2+deb9u1ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "libsoundtouch-dev", "binary_version": "1.9.2-3ubuntu0.1~esm1" }, { "binary_name": "libsoundtouch1", "binary_version": "1.9.2-3ubuntu0.1~esm1" }, { "binary_name": "soundstretch", "binary_version": "1.9.2-3ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }