Detections
Analytics

FreeBSD : libsndfile -- out-of-bounds read memory access (086c96cd-d0cb-11ea-b922-5404a68ad561)

high Nessus Plugin ID 139109

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

RedHat reports :

It was discovered the fix for CVE-2018-19758 was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.

Solution

Update the affected package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3832

http://www.nessus.org/u?918e5e1e

Plugin Details

Severity: High

ID: 139109

File Name: freebsd_pkg_086c96cdd0cb11eab9225404a68ad561.nasl

Version: 1.1

Type: local

Published: 7/30/2020

Updated: 7/30/2020

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:libsndfile, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 7/28/2020

Vulnerability Publication Date: 2/14/2019