libsndfile-1.0.28-17.el8_10

エラータID: AXSA:2026-727:03

Release date: 
Thursday, May 28, 2026 - 20:20
Subject: 
libsndfile-1.0.28-17.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV.

Security Fix(es):

* libsndfile: integer overflow in ima_reader_init() (CVE-2026-37555)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065.

Solution: 

Update packages.

CVEs: 
CVE-2026-37555
An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065.
Additional Info: 

N/A

Download: 

SRPMS
  1. libsndfile-1.0.28-17.el8_10.src.rpm
    MD5: 78fa707f4429edc01a0b3ee4514934de
    SHA-256: e588594beddb123b4b8483dc67252aa5677cd1bfbdfaa3b561becf8c164b5d88
    Size: 1.18 MB

Asianux Server 8 for x86_64
  1. libsndfile-1.0.28-17.el8_10.i686.rpm
    MD5: 4e3a0bfbe5efedcfbcdc546062c19227
    SHA-256: e4f8b3bb7f2bad7947297e580af04c6e7921d73b61bbda2dd47082ce931ca8ce
    Size: 217.81 kB
  2. libsndfile-1.0.28-17.el8_10.x86_64.rpm
    MD5: 03f5e7e6dc656874f719458318dae70e
    SHA-256: 126f0ff90d0afbc95e304769808693c4b9110ce3fbcfa2c8d89b29d74984a6b4
    Size: 193.05 kB
  3. libsndfile-devel-1.0.28-17.el8_10.i686.rpm
    MD5: c0f3ad27d3524d509e468314eecae587
    SHA-256: cf65575a548c28c4ac4ed3b3f35dc449981d6a2a22336a548da05e839090b64b
    Size: 153.42 kB
  4. libsndfile-devel-1.0.28-17.el8_10.x86_64.rpm
    MD5: 09285c471d08d96f0ad6e272942c4268
    SHA-256: 0a417331aab8356e0f4b29a29f63bbc3db2b260a3dfcd193157aa7199d12cb30
    Size: 153.39 kB
  5. libsndfile-utils-1.0.28-17.el8_10.x86_64.rpm
    MD5: 589d59b555caddfa7c4e6ff46b867454
    SHA-256: 6a3202e4466d62e4a2cbde5c4d85c918317598c33088f011d9435afbbb5d6509
    Size: 80.99 kB