CVE-2026-3394
Memory Corruption in jarikomppa soloud WAV File Parser
Publication date: 2026-03-01
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| solhsa | soloud | to 2020-02-07 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3394 is a memory corruption vulnerability in the jarikomppa soloud audio library, specifically in the function SoLoud::Wav::loadwav within the WAV File Parser component. It occurs due to improper handling of memory buffers when processing WAV files, allowing reads or writes outside the intended buffer boundaries. This can lead to a segmentation fault or memory corruption.
The vulnerability can be triggered locally by manipulating a crafted WAV file input, causing the audio engine to crash or potentially allowing further exploitation. The issue affects versions of soloud up to 20200207 and remains unpatched.
How can this vulnerability impact me? :
This vulnerability can impact you by causing memory corruption in the soloud audio library when processing specially crafted WAV files. This can lead to application crashes (segmentation faults), resulting in denial of service or reduced system availability.
Since the attack requires local access, an attacker must have the ability to run or supply malicious WAV files locally. Exploitation is considered easy, and a proof-of-concept exploit is publicly available, increasing the risk.
No known mitigations or patches exist, so affected users should consider alternative products or avoid using vulnerable versions to reduce risk.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by testing the SoLoud audio library's WAV file parser with specially crafted WAV files that trigger memory corruption in the function SoLoud::Wav::loadwav."}, {'type': 'paragraph', 'content': 'A practical detection method involves building the SoLoud library with AddressSanitizer (ASan) enabled and running a test harness that loads a crafted WAV file to observe if a segmentation fault or memory corruption occurs.'}, {'type': 'paragraph', 'content': 'Example commands to detect the vulnerability include:'}, {'type': 'list_item', 'content': 'Build SoLoud with ASan enabled (using Clang): clang++ -fsanitize=address -O2 -g -o test_harness harness.cpp -lsoLoud'}, {'type': 'list_item', 'content': 'Run the test harness with a crafted WAV file: ./test_harness crafted.wav'}, {'type': 'paragraph', 'content': 'If the program crashes with a segmentation fault or ASan reports an invalid memory write inside SoLoud::Wav::loadwav, the vulnerability is present.'}] [3]
What immediate steps should I take to mitigate this vulnerability?
Currently, there are no known patches or countermeasures provided by the vendor or project for this vulnerability.
Immediate mitigation steps include:
- Avoid using the affected versions of the jarikomppa soloud library (up to 20200207) until a fix is released.
- Consider replacing the soloud library with alternative audio libraries that do not have this vulnerability.
- Restrict local access to systems running the vulnerable software to trusted users only, as exploitation requires local access.
Monitoring for suspicious local activity and limiting the ability to load untrusted WAV files can also reduce risk.