MidnightBSD

Advisories for fdkaac_project

CVE-2022-36148

fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
fdkaac_project fdkaac *
CVE-2022-37781

fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
fdkaac_project fdkaac 1.0.3
CVE-2023-34823

fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c.

Products Affected

Vendor Product Version
fdkaac_project fdkaac *
CVE-2023-34824

fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c.

Products Affected

Vendor Product Version
fdkaac_project fdkaac *