UBUNTU-CVE-2019-8356
- Source
- https://ubuntu.com/security/CVE-2019-8356
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-8356.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-8356
- Related
- Published
- 2019-02-15T00:00:00Z
- Modified
- 2025-01-13T10:21:54Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / sox
Package
- Name
- sox
- Purl
- pkg:deb/ubuntu/sox@14.4.1-3ubuntu1.1+esm1?arch=source&distro=trusty/esm
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed14.4.1-3ubuntu1.1+esm1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-dev"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-all"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-alsa"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-alsa-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-ao"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-ao-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-base"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-base-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-mp3"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-mp3-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-oss"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-oss-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-pulse"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox-fmt-pulse-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox2"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "libsox2-dbgsym"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "sox"
},
{
"binary_version": "14.4.1-3ubuntu1.1+esm1",
"binary_name": "sox-dbgsym"
}
]
}
Ubuntu:16.04:LTS / sox
Package
- Name
- sox
- Purl
- pkg:deb/ubuntu/sox@14.4.1-5+deb8u4ubuntu0.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed14.4.1-5+deb8u4ubuntu0.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-dev"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-all"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-alsa"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-alsa-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-ao"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-ao-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-base"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-base-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-mp3"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-mp3-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-oss"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-oss-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-pulse"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox-fmt-pulse-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox2"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "libsox2-dbgsym"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "sox"
},
{
"binary_version": "14.4.1-5+deb8u4ubuntu0.1",
"binary_name": "sox-dbgsym"
}
]
}
Ubuntu:18.04:LTS / sox
Package
- Name
- sox
- Purl
- pkg:deb/ubuntu/sox@14.4.2-3ubuntu0.18.04.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed14.4.2-3ubuntu0.18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-dev"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-all"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-alsa"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-alsa-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-ao"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-ao-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-base"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-base-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-mp3"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-mp3-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-oss"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-oss-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-pulse"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox-fmt-pulse-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox3"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "libsox3-dbgsym"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "sox"
},
{
"binary_version": "14.4.2-3ubuntu0.18.04.1",
"binary_name": "sox-dbgsym"
}
]
}