Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-26590

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Floating point exception in src/aiff.c

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

References

https://access.redhat.com/security/cve/CVE-2023-26590 x_refsource_REDHAT vdb-entry
RHBZ#2212279 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-26590 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2212279 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-26590 x_refsource_REDHAT vdb-entry
RHBZ#2212279 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-26590 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2212279 issue-tracking x_refsource_REDHAT x_transferred

Affected products

sox

Matching in nixpkgs

pkgs.sox

Sample Rate Converter for audio

nixos-unstable -
- nixpkgs-unstable 2021-05-09

pkgs.soxr

Audio resampling library

nixos-unstable -
- nixpkgs-unstable 0.1.3

pkgs.soxt

GUI binding for using Open Inventor with Xt/Motif

nixos-unstable -
- nixpkgs-unstable 2019-06-14

pkgs.haskellPackages.sox

Play, write, read, convert audio signals using Sox

nixos-unstable -
- nixpkgs-unstable 0.2.3.2

pkgs.haskellPackages.soxlib

Write, read, convert audio signals using libsox

nixos-unstable -
- nixpkgs-unstable 0.0.3.2

pkgs.python312Packages.soxr

High quality, one-dimensional sample-rate conversion library

nixos-unstable -
- nixpkgs-unstable 1.0.0

pkgs.python313Packages.soxr