Libsndfile is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause denial-of-service conditions.
Information
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- libsndfile Homepage (libsndfile)
- CVE-2018-19432 (Redhat)
- CVE-2018-19432 libsndfile: Null pointer dereference in function sf_write_int in (Red Hat Bugzilla)
- out of bounds read in sf_write_int (Github)