CVE Vulnerabilities

CVE-2019-14523

Integer Underflow (Wrap or Wraparound)

Published: Aug 02, 2019 | Modified: Mar 03, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

An issue was discovered in Schism Tracker through 20190722. There is an integer underflow via a large plen in fmt_okt_load_song in the Amiga Oktalyzer parser in fmt/okt.c.

Weakness

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Affected Software

Name Vendor Start Version End Version
Schism_tracker Schismtracker * 20190722 (including)
Schism Ubuntu bionic *
Schism Ubuntu devel *
Schism Ubuntu disco *
Schism Ubuntu eoan *
Schism Ubuntu esm-apps/bionic *
Schism Ubuntu esm-apps/focal *
Schism Ubuntu esm-apps/jammy *
Schism Ubuntu esm-apps/noble *
Schism Ubuntu esm-apps/xenial *
Schism Ubuntu focal *
Schism Ubuntu groovy *
Schism Ubuntu hirsute *
Schism Ubuntu impish *
Schism Ubuntu jammy *
Schism Ubuntu kinetic *
Schism Ubuntu lunar *
Schism Ubuntu mantic *
Schism Ubuntu noble *
Schism Ubuntu trusty *
Schism Ubuntu xenial *

References