SecuritySpace - CVE-2019-13590

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2019-13590

Description: An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c.

Test IDs: 1.3.6.1.4.1.25623.1.0.893315

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-13590
https://sourceforge.net/p/sox/bugs/325/
https://lists.debian.org/debian-lts-announce/2023/02/msg00009.html

CVE ID:	CVE-2019-13590
Description:	An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (startread function), there is an integer overflow on the result of integer addition (wraparound to 0) fed into the lsx_calloc macro that wraps malloc. When a NULL pointer is returned, it is used without a prior check that it is a valid pointer, leading to a NULL pointer dereference on lsx_readbuf in formats_i.c.
Test IDs:	1.3.6.1.4.1.25623.1.0.893315
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13590 https://sourceforge.net/p/sox/bugs/325/ https://lists.debian.org/debian-lts-announce/2023/02/msg00009.html