本ページは libsndfile_project libsndfile に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-37555 | An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overf | [email protected] | 7.5 | 0.04% | 2026-04-29 | 2026-05-01 |
| CVE-2025-56226 | Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file. | [email protected] | 5.3 | 0.07% | 2026-01-14 | 2026-01-21 |
| CVE-2025-52194 | A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution. | [email protected] | 7.5 | 0.32% | 2025-08-21 | 2025-09-11 |
| CVE-2024-50613 | libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. | [email protected] | 6.5 | 0.03% | 2024-10-27 | 2024-10-31 |
| CVE-2024-50612 | libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. | [email protected] | 5.5 | 0.03% | 2024-10-27 | 2024-11-05 |
| CVE-2022-33065 | Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts. | [email protected] | 7.8 | 0.02% | 2023-07-18 | 2024-11-21 |
| CVE-2022-33064 | An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts. | [email protected] | 7.8 | 0.03% | 2023-07-18 | 2024-11-21 |
| CVE-2021-4156 | An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws. | [email protected] | 7.1 | 0.11% | 2022-03-23 | 2025-12-11 |
| CVE-2021-3246 | A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file. | [email protected] | 8.8 | 0.81% | 2021-07-20 | 2024-11-21 |
| CVE-2019-3832 | It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash. | [email protected] | 5.5 | 0.05% | 2019-03-21 | 2024-11-21 |
| CVE-2018-19758 | There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | [email protected] | 6.5 | 0.88% | 2018-11-30 | 2024-11-21 |
| CVE-2018-19662 | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service. | [email protected] | 8.1 | 0.70% | 2018-11-29 | 2024-11-21 |
| CVE-2018-19661 | An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service. | [email protected] | 6.5 | 0.66% | 2018-11-29 | 2024-11-21 |
| CVE-2018-19432 | An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service. | [email protected] | 6.5 | 0.97% | 2018-11-22 | 2024-11-21 |
| CVE-2018-13419 | An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue | [email protected] | 6.5 | 0.24% | 2018-07-07 | 2024-11-21 |
| CVE-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | [email protected] | 8.8 | 1.80% | 2018-07-04 | 2024-11-21 |
| CVE-2017-16942 | In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS when playing a crafted audio file. | [email protected] | 6.5 | 0.15% | 2017-11-25 | 2026-05-13 |
| CVE-2017-14246 | An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | [email protected] | 8.1 | 0.68% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14245 | An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values. | [email protected] | 8.1 | 0.43% | 2017-09-21 | 2026-05-13 |
| CVE-2017-14634 | In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file. | [email protected] | 6.5 | 1.15% | 2017-09-21 | 2026-05-13 |