CVE-2025-14369
Integer Overflow in dr_flac Audio Decoder Causes DoS
Publication date: 2026-01-20
Last updated on: 2026-01-20
Assigner: CERT/CC
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mackron | dr_flac | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in dr_flac, an audio decoder within the dr_libs toolset, is an integer overflow flaw caused by trusting the totalPCMFrameCount field from FLAC metadata when calculating buffer size. An attacker can craft a malicious FLAC file with an extremely large totalPCMFrameCount value, causing the program to allocate an excessively large memory buffer. This can lead to denial-of-service (DoS) by crashing or exhausting system resources in programs using dr_flac. [1]
How can this vulnerability impact me?
If you use software that relies on dr_flac for decoding FLAC audio files, an attacker could exploit this vulnerability by providing a specially crafted FLAC file. This could cause your program to allocate excessive memory, potentially leading to crashes or denial-of-service conditions, disrupting normal operation and availability. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves identifying programs that use the dr_flac decoder from the dr_libs toolset and that process specially crafted FLAC files triggering excessive memory allocation or crashes. Because the issue arises from the handling of the totalPCMFrameCount field in FLAC metadata, crashes or denial-of-service symptoms during FLAC decoding can be an indicator. The resources do not provide specific commands, but you can monitor logs for crashes related to audio decoding or use debugging tools to trace memory allocation in applications using dr_flac. Scanning your environment for vulnerable versions of dr_libs can also help identify exposure. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the dr_flac library to the fixed version, which implements dynamic buffer expansion instead of allocating memory upfront based on totalPCMFrameCount. This update prevents excessive memory allocation from malformed FLAC files and improves robustness. If updating is not immediately possible, avoid processing untrusted or specially crafted FLAC files with vulnerable versions of dr_flac to reduce the risk of denial-of-service. Monitoring and restricting input files can serve as a temporary mitigation. [1]
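The dynamic-expansion approach described above, as an added C example (not dr_flac's own code or API): a checked size calculation plus a buffer that grows only as samples are actually decoded. The names `pcm_buf`, `pcm_bytes_checked`, `pcm_append`, `decode_all` and `MAX_SAMPLES` are hypothetical, and the 64 MiB cap is an assumed policy limit.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* All names here are hypothetical; the 64 MiB cap is an assumed policy. */
#define MAX_SAMPLES ((size_t)64 * 1024 * 1024 / sizeof(int16_t))
typedef struct { int16_t *data; size_t len, cap; } pcm_buf;
/* Bytes for `frames` frames, or 0 if over the cap; dividing avoids overflow. */
static size_t pcm_bytes_checked(uint64_t frames, uint32_t channels) {
    if (channels == 0 || frames > MAX_SAMPLES / channels) return 0;
    return (size_t)frames * channels * sizeof(int16_t);
}

/* Append decoded samples, doubling capacity on demand. Returns 0 on failure. */
static int pcm_append(pcm_buf *b, const int16_t *src, size_t n) {
    if (n > MAX_SAMPLES - b->len) return 0;      /* b->len <= MAX_SAMPLES */
    size_t need = b->len + n;
    if (need > b->cap) {
        size_t cap = b->cap ? b->cap : 4096;
        while (cap < need) cap *= 2;             /* bounded by MAX_SAMPLES */
        int16_t *p = realloc(b->data, cap * sizeof(int16_t));
        if (!p) return 0;
        b->data = p; b->cap = cap;
    }
    memcpy(b->data + b->len, src, n * sizeof(int16_t));
    b->len = need;
    return 1;
}

/* Stand-in decode loop: `claimed` is the untrusted header total, `real` is
   what the stream actually yields. Memory tracks `real`, never `claimed`. */
static size_t decode_all(pcm_buf *b, uint64_t claimed, size_t real, uint32_t ch) {
    int16_t block[1024] = {0};                   /* constructed silent audio */
    (void)claimed;
    if (ch == 0 || ch > 1024) return 0;
    size_t done = 0, per = 1024 / ch;
    while (done < real) {
        size_t f = real - done < per ? real - done : per;
        if (!pcm_append(b, block, f * ch)) break;
        done += f;
    }
    return done;
}

int main(void) {
    pcm_buf b = {0};                             /* constructed inputs below */
    int ok = decode_all(&b, UINT64_MAX, 3000, 2) == 3000 && !pcm_bytes_checked(UINT64_MAX, 2);
    free(b.data);
    return ok ? 0 : 1;
}
```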