Vulnerabilities > CVE-2021-3643 - Unspecified vulnerability in SOX Project SOX 14.4.1

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

sox-project

critical

NVD

Published: 2022-05-02

Updated: 2024-11-21

Summary

A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Sox_Project SOX Project SOX 14.4.1	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=1980626
https://bugzilla.redhat.com/show_bug.cgi?id=1980626