CVE-2008-5008

Description

Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file.

How to fix CVE-2008-5008

To remediate CVE-2008-5008, upgrade the affected package to a fixed version below.

• Debian/libsamplerate—upgrade to 0.1.4-1 or later

Is CVE-2008-5008 being exploited?

Low — EPSS is 1.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 0.1.4-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-5008