CVE-2024-50612

Description

libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

Affected packages (2)

• Alpine/libsndfilefrom 0, < 1.2.2-r1
• Debian/libsndfilefrom 0, < 1.0.31-2+deb11u1

CVSS scores

References (2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2024-50612
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2024-50612