Vulnerabilities > CVE-2021-23172 - Unspecified vulnerability in SOX Project SOX 14.4.27

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

sox-project

NVD

Published: 2022-08-25

Updated: 2024-11-21

Summary

A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread() in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash.

Vulnerable Configurations

Part	Description	Count
Application	Sox_Project SOX Project SOX 14.4.2-7	1

References

https://access.redhat.com/security/cve/CVE-2021-23172
https://access.redhat.com/security/cve/CVE-2021-23172
https://bugzilla.redhat.com/show_bug.cgi?id=1975666
https://bugzilla.redhat.com/show_bug.cgi?id=1975666
https://security.archlinux.org/CVE-2021-23172
https://security.archlinux.org/CVE-2021-23172
https://sourceforge.net/p/sox/bugs/350/
https://sourceforge.net/p/sox/bugs/350/