USN-5749-1: libsamplerate vulnerability
Publication date
29 November 2022
Overview
libsamplerate could cause a crash if it processed a specially crafted audio file.
Releases
Packages
- libsamplerate - Audio sample rate conversion library
Details
Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate
did not properly perform bounds checking. If a user were tricked into
processing a specially crafted audio file, an attacker could possibly
use this issue to cause a crash.
Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate
did not properly perform bounds checking. If a user were tricked into
processing a specially crafted audio file, an attacker could possibly
use this issue to cause a crash.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
16.04 xenial | libsamplerate0 – 0.1.8-8ubuntu0.1~esm1 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.