It was discovered that WavPack was not properly performing checks when dealing with memory. If a user were tricked into decompressing a specially crafted WavPack Audio File, an attacker could possibly use this issue to cause the WavPack decompressor to crash, resulting in a denial of service.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "4.75.2-2ubuntu0.2+esm1", "binary_name": "libwavpack-dev" }, { "binary_version": "4.75.2-2ubuntu0.2+esm1", "binary_name": "libwavpack1" }, { "binary_version": "4.75.2-2ubuntu0.2+esm1", "binary_name": "libwavpack1-dbgsym" }, { "binary_version": "4.75.2-2ubuntu0.2+esm1", "binary_name": "wavpack" }, { "binary_version": "4.75.2-2ubuntu0.2+esm1", "binary_name": "wavpack-dbgsym" } ] }