CVE-2008-5008 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-5008 Interim 1 10 2025-11-05T06:11:46Z current 2021-05-30T12:44:28Z 2025-11-05T06:11:46Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-5008 Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed libsamplerate-0.1.4-1.15 libsamplerate-32bit-0.1.4-1.15 libsamplerate-devel-0.1.4-1.15 libsamplerate-devel-0.2.1-1.3 libsamplerate-devel-0.2.2-160000.3.2 libsamplerate-x86-0.1.4-1.15 libsamplerate0-0.2.1-1.3 libsamplerate0-0.2.2-160000.3.2 libsamplerate0-32bit-0.2.1-1.3 libsamplerate-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP1 libsamplerate-32bit-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP1 libsamplerate-x86-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP1 libsamplerate-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP2 libsamplerate-32bit-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP2 libsamplerate-x86-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP2 libsamplerate-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP3 libsamplerate-32bit-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP3 libsamplerate-x86-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP3 libsamplerate-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP4 libsamplerate-32bit-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP4 libsamplerate-x86-0.1.4-1.15 as a component of SUSE Linux Enterprise Server 11 SP4 libsamplerate-devel-0.2.2-160000.3.2 as a component of SUSE Linux Enterprise Server 16.0 libsamplerate0-0.2.2-160000.3.2 as a component of SUSE Linux Enterprise Server 16.0 libsamplerate-devel-0.1.4-1.15 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libsamplerate-devel-0.2.1-1.3 as a component of openSUSE Tumbleweed libsamplerate0-0.2.1-1.3 as a component of openSUSE Tumbleweed libsamplerate0-32bit-0.2.1-1.3 as a component of openSUSE Tumbleweed Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file. CVE-2008-5008 SUSE Linux Enterprise Server 11 SP1:libsamplerate-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP1:libsamplerate-32bit-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP1:libsamplerate-x86-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP2:libsamplerate-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP2:libsamplerate-32bit-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP2:libsamplerate-x86-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP3:libsamplerate-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP3:libsamplerate-32bit-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP3:libsamplerate-x86-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP4:libsamplerate-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP4:libsamplerate-32bit-0.1.4-1.15 SUSE Linux Enterprise Server 11 SP4:libsamplerate-x86-0.1.4-1.15 SUSE Linux Enterprise Server 16.0:libsamplerate-devel-0.2.2-160000.3.2 SUSE Linux Enterprise Server 16.0:libsamplerate0-0.2.2-160000.3.2 SUSE Linux Enterprise Software Development Kit 11 SP4:libsamplerate-devel-0.1.4-1.15 openSUSE Tumbleweed:libsamplerate-devel-0.2.1-1.3 openSUSE Tumbleweed:libsamplerate0-0.2.1-1.3 openSUSE Tumbleweed:libsamplerate0-32bit-0.2.1-1.3 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C