An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
Upstream Reference: https://github.com/mpruett/audiofile/issues/50
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.
Upstream Reference: https://github.com/mpruett/audiofile/issues/49
@security: On Thu, 06 Jun 2019, Debian announced a fix for issues [CVE-2018-13440] and [CVE-2018-17095]. However, upstream's last changelog entry was 3 years ago, and is non-descriptive of the fix.
"2016-08-29 Michael Pruett <email@example.com>
Fix undefined behavior in sign conversion."
On March 26, 2019 there was https://github.com/mpruett/audiofile/issues/53 saying:
"Can you please roll a new release with all these security fixes?"
Gentoo's last interest in security for this package was on 2017-06-17, in bug #614046.
Gentoo Security Padawan
CVE-2018-17095 seems a duplicate of CVE-2017-6836