CVE-2025-52194

Published: 8/21/2025 Last updated: 8/21/2025 Reserved: 6/16/2025

A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	7.5	High	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Opam packages affected (1)

conf-sndfile

Products affected (1)

Product	Vendor	Version
n/a	n/a	n/a

References (3)

https://github.com/libsndfile/libsndfile/issues/1082
https://github.com/libsndfile
https://bushido-sec.com/index.php/2025/08/08/libsndfile-buffer-overflow/