Vulnerability Name: CVE-2018-10538 (CCN-142577)

Assigned: 2018-04-23
Published: 2018-04-23
Updated: 2019-12-20
Summary: An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
CVSS v3 Severity:
  Base: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
  Temporal: 4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Local
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): Required
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): High

  CCN Base: 3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
  CCN Temporal: 2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Local
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): Required
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Low

CVSS v2 Severity:
  Base: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Partial

  CCN Base: 1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)
  Exploitability Metrics:
    Access Vector (AV): Local
    Access Complexity (AC): Low
    Authentication (Au): Single_Instance
  Impact Metrics:
    Confidentiality (C): None
    Integrity (I): None
    Availability (A): Partial

Vulnerability Type: CWE-787 (Out-of-bounds Write)
Vulnerability Consequences: Denial of Service
References:
  • MITRE (CNA): CVE-2018-10538
  • MISC: http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html
  • XF: wavpack-cve201810538-dos(142577)
  • MISC (Patch, Third Party Advisory): https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d
  • CCN (WavPack GIT Repository): WavPack crashes -- SEGFAULT -- Invalid write #33
  • MISC (Exploit, Issue Tracking, Third Party Advisory): https://github.com/dbry/WavPack/issues/33
  • FEDORA: FEDORA-2020-e55567b6be
  • FEDORA: FEDORA-2020-73274c9df4
  • BUGTRAQ: 20191219 [slackware-security] wavpack (SSA:2019-353-01)
  • UBUNTU (Third Party Advisory): USN-3637-1
  • DEBIAN (Third Party Advisory): DSA-4197
  • CCN (WhiteSource Vulnerability Database): CVE-2018-10538

Vulnerable Configuration:
  Configuration 1:
    • cpe:/a:wavpack:wavpack:*:*:*:*:*:*:*:* (Version <= 5.1.0)

  Configuration 2:
    • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
    • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

  Configuration CCN 1:
    • cpe:/a:wavpack:wavpack:5.1.0:*:*:*:*:*:*:*

  * Denotes that component is vulnerable
Oval Definitions (Class: P = patch definition, V = vulnerability definition):

  Definition ID | Class | Title | Last Modified
  oval:org.opensuse.security:def:7696 | P | libwavpack1-5.4.0-150000.4.15.1 on GA media (Moderate) | 2023-06-12
  oval:org.opensuse.security:def:7982 | P | wavpack-5.4.0-150000.4.15.1 on GA media (Moderate) | 2023-06-12
  oval:org.opensuse.security:def:95269 | P | Security update for perl-HTTP-Daemon (Moderate) (in QA) | 2022-07-15
  oval:org.opensuse.security:def:3430 | P | apache2-2.4.23-29.43.1 on GA media (Moderate) | 2022-06-28
  oval:org.opensuse.security:def:3104 | P | hyper-v-7-7.5 on GA media (Moderate) | 2022-06-28
  oval:org.opensuse.security:def:3359 | P | ruby-2.1-1.4 on GA media (Moderate) | 2022-06-28
  oval:org.opensuse.security:def:94734 | P | libwavpack1-5.4.0-4.12.1 on GA media (Moderate) | 2022-06-22
  oval:org.opensuse.security:def:94989 | P | wavpack-5.4.0-4.12.1 on GA media (Moderate) | 2022-06-22
  oval:org.opensuse.security:def:94542 | P | e2fsprogs-1.46.4-150400.1.80 on GA media (Moderate) | 2022-06-22
  oval:org.opensuse.security:def:94776 | P | perl-DBI-1.642-3.9.1 on GA media (Moderate) | 2022-06-22
  oval:org.opensuse.security:def:224 | P | libwavpack1-5.4.0-4.9.1 on GA media (Moderate) | 2022-06-13
  oval:org.opensuse.security:def:101982 | P | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP3) (Important) | 2022-04-25
  oval:org.opensuse.security:def:1747 | P | Security update for the Linux Kernel (Important) | 2022-04-13
  oval:org.opensuse.security:def:1153 | P | Security update for libsolv, libzypp, zypper (Important) | 2022-04-12
  oval:org.opensuse.security:def:99467 | P | (Moderate) | 2022-04-01
  oval:org.opensuse.security:def:97032 | P | qemu-3.1.0-7.1 on GA media (Moderate) | 2021-09-21
  oval:org.opensuse.security:def:101489 | P | Security update for libmspack (Moderate) | 2021-08-20
  oval:org.opensuse.security:def:99666 | P | (Important) | 2021-08-14
  oval:org.opensuse.security:def:71983 | P | libwavpack1-5.4.0-4.9.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:101255 | P | cargo-1.43.1-12.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:72555 | P | wavpack-5.4.0-4.9.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:62242 | P | libwavpack1-5.4.0-4.9.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:62836 | P | wavpack-5.4.0-4.9.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:101242 | P | wavpack-5.4.0-4.9.1 on GA media (Moderate) | 2021-08-09
  oval:org.opensuse.security:def:99974 | P | (Important) | 2021-07-20
  oval:org.opensuse.security:def:5721 | P | Security update for openexr (Moderate) | 2021-04-07
  oval:org.opensuse.security:def:110654 | P | Security update for wavpack (Moderate) | 2021-01-24
  oval:org.opensuse.security:def:111146 | P | Security update for wavpack (Moderate) | 2021-01-24
  oval:org.opensuse.security:def:9518 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:99268 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:93068 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:70408 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:64519 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:8771 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:108648 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:92517 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:69658 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:75878 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:9717 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:4131 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:93221 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:91932 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:65220 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:8966 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:98882 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:92716 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:69857 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:10090 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:107921 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:92127 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:66810 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:117436 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:73641 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:9336 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:99077 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:92915 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:70230 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:10268 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:8593 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:108155 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:92318 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:69476 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:117669 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:org.opensuse.security:def:74288 | P | Security update for wavpack (Moderate) | 2021-01-21
  oval:com.ubuntu.artful:def:201810538000 | V | CVE-2018-10538 on Ubuntu 17.10 (artful) - medium. | 2018-04-29
  oval:com.ubuntu.bionic:def:2018105380000000 | V | CVE-2018-10538 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-04-29
  oval:com.ubuntu.bionic:def:201810538000 | V | CVE-2018-10538 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-04-29
  oval:com.ubuntu.xenial:def:2018105380000000 | V | CVE-2018-10538 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-04-29
  oval:com.ubuntu.trusty:def:201810538000 | V | CVE-2018-10538 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-04-29
  oval:com.ubuntu.xenial:def:201810538000 | V | CVE-2018-10538 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-04-29