Vulnerability Details CVE-2020-36151
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- https://github.com/hoene/libmysofa/issues/134
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/
- https://github.com/hoene/libmysofa/issues/134
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/
Products affected by CVE-2020-36151
-
cpe:2.3:a:symonics:libmysofa:0.5
-
cpe:2.3:a:symonics:libmysofa:0.6
-
cpe:2.3:a:symonics:libmysofa:0.7
-
cpe:2.3:a:symonics:libmysofa:0.8
-
cpe:2.3:a:symonics:libmysofa:0.9
-
cpe:2.3:a:symonics:libmysofa:0.9.1
-
cpe:2.3:a:symonics:libmysofa:1.0
-
cpe:2.3:a:symonics:libmysofa:1.1
-
cpe:2.3:o:fedoraproject:fedora:32