PublicDateAtUSN: 2015-11-19
Candidate: CVE-2014-9756
PublicDate: 2015-11-19 20:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
 https://ubuntu.com/security/notices/USN-2832-1
Description:
 The psf_fwrite function in file_io.c in libsndfile allows attackers to
 cause a denial of service (divide-by-zero error and application crash) via
 unspecified vectors related to the headindex variable.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by: Joshua Rogers
Assigned-to: mdeslaur
CVSS: 

Patches_libsndfile:
 upstream: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
upstream_libsndfile: released (1.0.25-10)
precise_libsndfile: released (1.0.25-4ubuntu0.1)
trusty_libsndfile: released (1.0.25-7ubuntu2.1)
trusty/esm_libsndfile: released (1.0.25-7ubuntu2.1)
vivid_libsndfile: released (1.0.25-9.1ubuntu0.15.04.1)
wily_libsndfile: released (1.0.25-9.1ubuntu0.15.10.1)
devel_libsndfile: not-affected (1.0.25-10)
vivid/stable-phone-overlay_libsndfile: released (1.0.25-9.1ubuntu0.15.04.1)
vivid/ubuntu-core_libsndfile: DNE