Bug 1212063 (CVE-2023-34432) - VUL-0: CVE-2023-34432: sox: heap-buffer-overflow in src/formats_i.c
Summary: VUL-0: CVE-2023-34432: sox: heap-buffer-overflow in src/formats_i.c
Status: RESOLVED FIXED
Alias: CVE-2023-34432
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/368477/
Whiteboard:
Keywords:
Depends on:
Blocks: 1225537
  Show dependency treegraph
 
Reported: 2023-06-06 13:56 UTC by Robert Frohl
Modified: 2024-05-29 11:16 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2023-06-06 13:56:30 UTC 
CVE-2023-34432

A vulnerabilty was found in sox v14.4.3, heap-buffer-overflow vulnerability that exists in the lsx_readbuf function at sox/src/formats_i.c:98:16. This vulnerability could lead to security issues such as denial of service, code execution, or information disclosure.

References:
https://sourceforge.net/p/sox/bugs/367/

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-34432
https://bugzilla.redhat.com/show_bug.cgi?id=2212291
Comment 1 Takashi Iwai 2023-10-25 11:47:46 UTC 
It seems that this is fixed by the fix patches for old CVE-2021-23159 and CVE-2021-23172. I backported the patches taken from Debian.
Comment 2 Takashi Iwai 2023-10-25 12:00:26 UTC 
Fixes submitted to Leap 15.4/15.5 and TW.
Reassigned back to security team.
Comment 3 OBSbugzilla Bot 2023-10-25 12:35:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1212063) was mentioned in
https://build.opensuse.org/request/show/1120242 Backports:SLE-15-SP4 / sox
https://build.opensuse.org/request/show/1120243 Backports:SLE-15-SP5 / sox
Comment 4 Marcus Meissner 2023-10-26 16:05:31 UTC 
openSUSE-SU-2023:0328-1: An update that fixes 10 vulnerabilities is now available.

Category: security (important)
Bug References: 1212060,1212061,1212062,1212063
CVE References: CVE-2019-13590,CVE-2021-23159,CVE-2021-33844,CVE-2021-3643,CVE-2021-40426,CVE-2022-31650,CVE-2022-31651,CVE-2023-32627,CVE-2023-34318,CVE-2023-34432
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP4 (src):    sox-14.4.2-bp154.2.3.1
Comment 5 Marcus Meissner 2023-10-26 16:06:13 UTC 
openSUSE-SU-2023:0329-1: An update that fixes 10 vulnerabilities is now available.

Category: security (important)
Bug References: 1212060,1212061,1212062,1212063
CVE References: CVE-2019-13590,CVE-2021-23159,CVE-2021-33844,CVE-2021-3643,CVE-2021-40426,CVE-2022-31650,CVE-2022-31651,CVE-2023-32627,CVE-2023-34318,CVE-2023-34432
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    sox-14.4.2-bp155.3.3.1
Comment 6 Robert Frohl 2024-05-14 10:54:07 UTC 
done, closing
Comment 7 Andreas Stieger 2024-05-28 21:42:08 UTC 
Reopening: Missing in Leap 15.6. Please process incoming submission or fix in Leap 15.6 in your chosen way. (bug 1225537)
Comment 8 Andreas Stieger 2024-05-29 11:16:02 UTC 
As per bug 1225537 now also fixed in Leap 15.6, closing