Fluid Attacks Database

Description

Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libsndfile	=1.2.2-2 \|\| =1.2.2-3 \|\| >=0 <1.2.2-4	1.2.2-4
debian 13	libsndfile	=1.2.2-2 \|\| >=0 <1.2.2-2+deb13u1	1.2.2-2+deb13u1
debian 12	libsndfile	=1.2.0-1 \|\| =1.2.0-1+deb12u1 \|\| =1.2.2-1 \|\| =1.2.2-1+hurd.1 \|\| =1.2.2-1+hurd.2 \|\| =1.2.2-1+hurd.3 \|\| =1.2.2-2 \|\| =1.2.2-3 \|\| =1.2.2-4	-
rpm rhel10	libsndfile	-	-
rpm rhel6	libsndfile	-	-

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.