CVE-2026-32836

Published: Mar 17, 2026 Last Modified: Mar 17, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,9

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

dr_libs version 0.13.3 and earlier contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks.

789

Memory Allocation with Excessive Size Value

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability

Potential Impacts:

Dos: Resource Consumption (Memory)

Applicable Platforms

Languages: C, C++, Not Language-Specific

View CWE Details

https://github.com/mackron/dr_libs/issues/298

https://www.vulncheck.com/advisories/mackron-dr-libs-excess…

https://www.vulncheck.com/advisories/mackron-dr-libs-excessive-memory-allocatio…

CVE-2026-32836

Description

Memory Allocation with Excessive Size Value

Common Consequences

Applicable Platforms

Iscriviti alla newsletter