An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. Upstream Issue: https://github.com/aubio/aubio/issues/188
Reproduced SEGV with aubio-0.4.2-8.fc28.x86_64 though different stack trace: # aubionotes testcase3 2>&1 | ./asan_symbolizer.py -d AUBIO ERROR: source_sndfile: Failed opening testcase3: Internal error : SF_INFO struct incomplete. AUBIO ERROR: onset: samplerate (-2147461598) can not be < 1 AUBIO ERROR: onset: samplerate (-2147461598) can not be < 1 AddressSanitizer:DEADLYSIGNAL ================================================================= ==66==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc 0x000000415572 bp 0x7fff2938fb60 sp 0x7fff2938fb20 T0) ==66==The signal is caused by a READ memory access. ==66==Hint: address points to the zero page. #0 0x415571 in ?? /usr/src/debug/aubio-0.4.2-8.fc28.x86_64/build/../src/onset/onset.c:51 #1 0x403598 in ?? /usr/src/debug/aubio-0.4.2-8.fc28.x86_64/build/../examples/aubionotes.c:52 #2 0x404c1a in ?? /usr/src/debug/aubio-0.4.2-8.fc28.x86_64/build/../examples/utils.c:156 #3 0x404690 in ?? /usr/src/debug/aubio-0.4.2-8.fc28.x86_64/build/../examples/aubionotes.c:152 #4 0x7f2b987e724a in __libc_start_main (/lib64/libc.so.6+0x2324a) #4 0x4022f9 in ?? ??:0 AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/usr/bin/aubionotes+0x415571) ==66==ABORTING
Created aubio tracking bugs for this issue: Affects: fedora-all [bug 1610611]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.