Vulnerabilities > CVE-2023-34318 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2023-07-10

Updated: 2023-11-07

Summary

A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.

Vulnerable Configurations

Part	Description	Count
Application	Sox_Project SOX Project SOX 14.4.3	1
Application	Fedoraproject Fedoraproject Extra Packages FOR Enterprise Linux 8.0	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 6.0	2
OS	Fedoraproject Fedoraproject Fedora 38	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://access.redhat.com/security/cve/CVE-2023-34318
https://bugzilla.redhat.com/show_bug.cgi?id=2212283