CVE-2019-8356 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-8356 Interim 1 3 2021-06-09T13:29:42Z current 2021-05-30T14:24:39Z 2021-06-09T13:29:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-8356 An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow. CVE-2019-8356 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L