#1111876 libsndfile: CVE-2025-52194

Package:
src:libsndfile
Source:
src:libsndfile
Submitter:
Salvatore Bonaccorso
Date:
2025-08-23 08:25:03 UTC
Severity:
normal
Tags:
#1111876#5
Date:
2025-08-23 08:21:58 UTC
From:
To:
Hi,

The following vulnerability was published for libsndfile.

CVE-2025-52194[0]:
| A buffer overflow vulnerability exists in libsndfile version 1.2.2
| and potentially earlier versions when processing malformed IRCAM
| audio files. The vulnerability occurs in the ircam_read_header
| function at src/ircam.c:164 during sample rate processing, leading
| to memory corruption and potential code execution.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-52194
https://www.cve.org/CVERecord?id=CVE-2025-52194
[1] https://github.com/libsndfile/libsndfile/issues/1082

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore