VDB

GCVE-110-MAGEIA-2018-105

GCVE-110-MAGEIA-2018-105
Advisory Published
Vulnetix · Advisory published February 2, 2018
There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file (CVE-2017-15370). There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file (CVE-2017-15371).

Affected Products

VendorProductVersionsPlatforms
Mageiasox0 (affected), 14.4.2-7.1.mga6 (unaffected), 0 (affected), 14.4.2-7.1.mga6 (unaffected)
Mageiapidgin0 (affected), 2.13.0-1.mga6 (unaffected)
Mageiasox0 (affected), 14.4.1-6.1.mga5 (unaffected), 0 (affected), 14.4.1-6.1.mga5 (unaffected)

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›