CVE-2019-11498

NameCVE-2019-11498
DescriptionWavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)
Debian Bugs927903

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
wavpack (PTS)jessie4.70.0-1fixed
stretch (security), stretch5.0.0-2+deb9u2vulnerable
buster5.1.0-6fixed
bullseye, sid5.1.0-7fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
wavpacksource(unstable)5.1.0-6low927903
wavpacksourcejessie(not affected)

Notes

[stretch] - wavpack <no-dsa> (Minor issue)
[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
https://github.com/dbry/WavPack/issues/67
https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4

Search for package or bug name: Reporting problems