Description
In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.
References (4)
Core 4
Core References
Mailing List mailing-list
http://www.openwall.com/lists/oss-security/2023/02/03/3
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/02/msg00009.html
Exploit, Third Party Advisory
https://sourceforge.net/p/sox/bugs/360/
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5356
Scores
CVSS v3
5.5
EPSS
0.0111
EPSS Percentile
61.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-697
Status
published
Products (1)
sound_exchange_project/sound_exchange
14.4.2
Published
May 25, 2022
Tracked Since
Feb 18, 2026