What is CVE-2023-26590?

CVE-2023-26590 is a medium-severity vulnerability in Fedora Extra Packages For Enterprise Linux, classified under CWE-1077. CVSS score: 6.2/10. Published 2023-07-10.

How severe is CVE-2023-26590?

Medium severity. CVSS v3 base score is 6.2 out of 10.

Vulnerability in Fedora Extra Packages For Enterprise Linux

CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.

EPSS: 0.000 (10.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.2 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Fedora Extra Packages For Enterprise Linux
Fedora
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
N/a Sox

Weakness classification (CWE)

CWE-1077

References

access.redhat.com/security/cve/CVE-2023-26590 (vdb-entry, x_refsource_REDHAT)
RHBZ#2212279 (issue-tracking, x_refsource_REDHAT)

Frequently asked questions

What is CVE-2023-26590?: CVE-2023-26590 is a medium-severity vulnerability in Fedora Extra Packages For Enterprise Linux, classified under CWE-1077. CVSS score: 6.2/10. Published 2023-07-10.
How severe is CVE-2023-26590?: Medium severity. CVSS v3 base score is 6.2 out of 10.