Advisories » MGASA-2026-0215

Updated libsndfile packages fix security vulnerabilities

Publication date: 16 Jun 2026
Modification date: 16 Jun 2026
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-52194, CVE-2025-56226, CVE-2026-37555

Description

CVE-2025-52194: A buffer overflow vulnerability exists in libsndfile
version 1.2.2 and potentially earlier versions when processing malformed
IRCAM audio files. The vulnerability occurs in the ircam_read_header
function at src/ircam.c:164 during sample rate processing, leading to
memory corruption and potential code execution.

CVE-2025-56226: Libsndfile <=1.2.2 contains a memory leak vulnerability
in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.

CVE-2026-37555: An issue was discovered in the libsndfile 1.2.2 IMA ADPCM
codec. The AIFF code path (line 241) was fixed with an (sf_count_t) cast,
but the WAV code path (line 235) and close path (line 167) were not.
When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit
multiplication overflows before being assigned to sf.frames
(sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the
product 2500000000 overflows to -1794967296. This causes an incorrect frame
count, leading to heap buffer overflow or denial of service. Both values
come from the WAV file header and are attacker-controlled. This issue
was discovered after an incomplete fix for CVE-2022-33065.
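
The 32-bit wrap described for CVE-2026-37555, next to the widened multiplication, as an added example (not libsndfile's code; all function names are hypothetical). The wrap is modelled with unsigned arithmetic because signed overflow is undefined behaviour in C.

```c
#include <stdint.h>
#include <stdio.h>
#include <limits.h>

/* Hypothetical helpers for illustration; not taken from libsndfile. */

/* Unfixed pattern: the product is formed in 32 bits and only then widened.
 * Unsigned arithmetic reproduces the two's-complement wrap without
 * relying on undefined signed overflow. */
int64_t frames_wrapped32(int samplesperblock, int blocks)
{
    uint32_t product = (uint32_t)samplesperblock * (uint32_t)blocks;

    /* Reinterpret the 32-bit result as a signed value, portably. */
    if (product >= 0x80000000u)
        return (int64_t)product - 4294967296LL;
    return (int64_t)product;
}

/* Fixed pattern: widen one operand first so the multiply is 64-bit. */
int64_t frames_widened(int samplesperblock, int blocks)
{
    return (int64_t)samplesperblock * blocks;
}

/* Returns 1 when the two header fields would overflow a 32-bit multiply,
 * i.e. when the true product lies outside the range of int. */
int product_exceeds_int(int samplesperblock, int blocks)
{
    int64_t wide = frames_widened(samplesperblock, blocks);
    return wide > INT_MAX || wide < INT_MIN;
}

int main(void)
{
    /* Values quoted in the advisory text. */
    int samplesperblock = 50000, blocks = 50000;

    printf("32-bit multiply : %lld\n",
           (long long)frames_wrapped32(samplesperblock, blocks));
    printf("64-bit multiply : %lld\n",
           (long long)frames_widened(samplesperblock, blocks));
    printf("exceeds INT_MAX : %d\n",
           product_exceeds_int(samplesperblock, blocks));
    return 0;
}
```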

References

SRPMS

9/core