Lilith >_> of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the sphere.c start_read() functionality of Sound Exchange libsox.
libsox is a library of sound sample file format readers/writers and sound effects processors. It has been in development for several years and now supports several file formats, including .wav, .flac, and .mp3 (with the aid of an external library).
TALOS-2021-1434 (CVE-2021-40426) can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
This vulnerability specifically exists in the way this library handles NIST Speech Header Resources (SPHERE) files, which are used for speech recognition.
Cisco Talos is releasing the details of this vulnerability despite no official update from Sound Exchange, all in adherence to Cisco’s vulnerability disclosure policy.
Users are encouraged to update these affected products as soon as possible: Sound Exchange libsox, version 14.4.2 and master commit 42b3557e. Talos tested and confirmed that these versions of the library could be exploited through this vulnerability.
The following SNORT® rules will detect exploitation attempts against this vulnerability: 58836 and 58837. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Cisco Secure Firewall Management Center or Snort.org.
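With no fixed release available, one defensive option is to keep SPHERE input away from libsox entirely. The C gate below is an added example, not code from Talos or the SoX project; its function names, the 16-byte preamble layout ("NIST_1A" line plus header-size line) and the 1024-byte blocking rule are assumptions drawn from the SPHERE format description rather than from this advisory.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum sph_verdict { SPH_NOT_SPHERE, SPH_WELL_FORMED, SPH_MALFORMED };

/* Classify the first bytes of an untrusted file by its SPHERE preamble:
 * the line "NIST_1A\n" followed by an 8-byte line holding the header size.
 * buf/avail: bytes read from the start of the file; file_len: total size. */
enum sph_verdict sph_classify(const unsigned char *buf, size_t avail, size_t file_len)
{
    size_t i = 8, size = 0, digits = 0;

    /* Match only the 7 magic characters, so a variant line ending is still
     * treated as SPHERE (and refused) rather than slipping past the gate. */
    if (avail < 7 || memcmp(buf, "NIST_1A", 7) != 0)
        return SPH_NOT_SPHERE;
    if (avail < 16 || buf[7] != '\n' || buf[15] != '\n')
        return SPH_MALFORMED;
    while (i < 15 && buf[i] == ' ')          /* size is right-justified */
        i++;
    for (; i < 15; i++, digits++) {
        if (buf[i] < '0' || buf[i] > '9')
            return SPH_MALFORMED;
        size = size * 10 + (size_t)(buf[i] - '0');
    }
    /* Assumed from the SPHERE format: the header is a non-zero multiple of
     * 1024 bytes and cannot be longer than the file that contains it. */
    if (digits == 0 || size == 0 || size % 1024 != 0 || size > file_len)
        return SPH_MALFORMED;
    return SPH_WELL_FORMED;
}

/* Policy while no fixed libsox exists: refuse every SPHERE file. A
 * well-formed preamble is NOT evidence that a file is safe to decode. */
int sph_may_pass_to_libsox(const unsigned char *buf, size_t avail, size_t file_len)
{
    return sph_classify(buf, avail, file_len) == SPH_NOT_SPHERE;
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real file. */
    const char *wav = "RIFF....WAVEfmt ";
    const char *bad = "NIST_1A\n     16\nend_head\n";
    printf("wav allowed: %d\n", sph_may_pass_to_libsox((const unsigned char *)wav, 16, 4096));
    printf("sph allowed: %d\n", sph_may_pass_to_libsox((const unsigned char *)bad, strlen(bad), strlen(bad)));
    return 0;
}
```

The verdict from `sph_classify` is meant for logging and triage; the pass/refuse decision depends only on whether the file identifies itself as SPHERE.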