{"id":"CVE-2018-6767","details":"A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.","modified":"2026-04-16T01:37:56.579772819Z","published":"2018-02-06T22:29:00.210Z","related":["SUSE-SU-2021:0186-1","openSUSE-SU-2021:0153-1","openSUSE-SU-2021:0154-1","openSUSE-SU-2024:11505-1"],"references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html"},{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Dec/37"},{"type":"ADVISORY","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889276"},{"type":"ADVISORY","url":"https://github.com/dbry/WavPack/issues/27"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3568-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4125"},{"type":"REPORT","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889276"},{"type":"REPORT","url":"https://github.com/dbry/WavPack/issues/27"},{"type":"FIX","url":"https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5"},{"type":"EVIDENCE","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889276"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dbry/wavpack","events":[{"introduced":"0"},{"fixed":"d5bf76b5a88d044a1be1d5656698e3ba737167e5"}]}],"versions":["4.70.0","4.70.0-rc","4.75.0","4.75.0-rc","4.75.2","4.80.0","4.80.0-rc","5.0.0","5.0.0-alpha","5.0.0-alpha2","5.0.0-alpha3","5.0.0-alpha4","5.0.0-alpha5","5.1.0"],"database_specific":{"vanir_signatures":[{"id":"CVE-2018-6767-21afebdd","target":{"function":"WriteRiffHeader","file":"cli/riff.c"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/dbry/wavpack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5","deprecated":false,"digest":{"function_hash":"263282531498135750655387005241491253113","length":3350}},{"signature_type":"Line","target":{"file":"cli/riff.c"},"id":"CVE-2018-6767-425436d3","deprecated":false,"source":"https://github.com/dbry/wavpack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5","signature_version":"v1","digest":{"line_hashes":["122770698072746895425604571858897861108","45212457360348024014895648397607845411","306757845720614398807120686037289651581","189935008260172588516344894179104127304","21258134232442700981735947227666468476","308313439293149598669203147012632073228","34157346504924645140827126762940142124","264224675448615810057246986260877850295","152820474521724108594268589983363128540","53746980373106445728210512627530174253","272468214117579939834238835106525087874","74358158535207047921031699705278146315","290202196059928601623745918342671111727","94150116975744621444743144601151710427","30578780731813446862289910328351829001","131417613903382327267998364494283617949","169723796906189295446691995513930919643","207777476458201937253055144935787826241","205268697847916533180193262249793867754","264951663282712365318369882325602009532","3570949662921749271366517180375541422","82036369740132966050910127200514745792","291820193339812772482563804837611269581","111497835232087498906253055943700687183","105247472267150826344707900664792782903","205071838862414231441234467835280003847","130099435738101504094464123795114847203","153968906541079243073161239598313477933","85073448318567749009518694551546675269","267597455784563671812882208848156970151","59468178035662643951486363331311754110","287263764264659570245036715633331600508","260276215368709617001068531246343848532","203166897439121091133604325489027168632","261491399266282299135076959503233152835","69319490753438541406568133137717206544","271711868523835302118891696927990408449","261711400549195226352843058772070434460","306101966940335056951019161605515692544","15544764574183948384319141443817016680"],"threshold":0.9}},{"id":"CVE-2018-6767-cfb04179","target":{"function":"ParseRiffHeaderConfig","file":"cli/riff.c"},"signature_version":"v1","signature_type":"Function","source":"https://github.com/dbry/wavpack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5","deprecated":false,"digest":{"function_hash":"200532218224989547623980334368190566470","length":7847}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-6767.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}