CVE-2024-33431 - Vulnerability Details - OpenCVE

ReportizFlow

An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Stsaz	Phiola

Configuration 1 [-]

cpe:2.3:a:stsaz:phiola:2.0:rc22:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md
https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G
https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1
https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc
https://github.com/stsaz/phiola/
https://github.com/stsaz/phiola/issues/27

History

Fri, 19 Sep 2025 14:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:stsaz:phiola:2.0:rc22::::::

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-05-01T00:00:00.000Z

Updated: 2024-08-02T02:27:53.639Z

Reserved: 2024-04-23T00:00:00.000Z

Link: CVE-2024-33431

Vulnrichment

Updated: 2024-08-02T02:27:53.639Z

NVD

Status : Analyzed

Published: 2024-05-01T19:15:27.283

Modified: 2026-06-17T07:31:47.060

Link: CVE-2024-33431

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-33431", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-08-02T02:27:53.639Z", "dateReserved": "2024-04-23T00:00:00.000Z", "datePublished": "2024-05-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-05-01T18:53:42.972Z"}, "descriptions": [{"lang": "en", "value": "An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/stsaz/phiola/"}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md"}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G"}, {"url": "https://github.com/stsaz/phiola/issues/27"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-33431", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-02T17:25:37.761013Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:stsaz:phiola:-:*:*:*:*:*:*:*"], "vendor": "stsaz", "product": "phiola", "versions": [{"status": "affected", "version": "-", "versionType": "custom", "lessThanOrEqual": "2.0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:43:44.832Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:27:53.639Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/stsaz/phiola/", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G", "tags": ["x_transferred"]}, {"url": "https://github.com/stsaz/phiola/issues/27", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/stsaz/phiola/", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G", "tags": ["x_transferred"]}, {"url": "https://github.com/stsaz/phiola/issues/27", "tags": ["x_transferred"]}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:27:53.639Z"}}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-33431", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-02T17:25:37.761013Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:stsaz:phiola:-:*:*:*:*:*:*:*"], "vendor": "stsaz", "product": "phiola", "versions": [{"status": "affected", "version": "-", "versionType": "custom", "lessThanOrEqual": "2.0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-670", "description": "CWE-670 Always-Incorrect Control Flow Implementation"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-02T17:36:05.969Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/stsaz/phiola/"}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md"}, {"url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G"}, {"url": "https://github.com/stsaz/phiola/issues/27"}, {"url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png"}], "descriptions": [{"lang": "en", "value": "An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-05-01T18:53:42.972Z"}}}, "cveMetadata": {"cveId": "CVE-2024-33431", "state": "PUBLISHED", "dateUpdated": "2024-08-02T02:27:53.639Z", "dateReserved": "2024-04-23T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-05-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"affected": [{"affectedData": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "source": "[email protected]"}, {"affectedData": [{"cpes": ["cpe:2.3:a:stsaz:phiola:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "product": "phiola", "vendor": "stsaz", "versions": [{"lessThanOrEqual": "2.0", "status": "affected", "version": "-", "versionType": "custom"}]}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:stsaz:phiola:2.0:rc22:*:*:*:*:*:*", "matchCriteriaId": "3788EBE2-AAE9-41E9-90A4-E97C9F2999D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file."}, {"lang": "es", "value": "Un problema en phiola/src/afilter/conv.c:115 de phiola v2.0-rc22 permite a un atacante remoto provocar una denegaci\u00f3n de servicio a trav\u00e9s de un archivo .wav manipulado."}], "id": "CVE-2024-33431", "lastModified": "2026-06-17T07:31:47.060", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}], "ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2024-33431", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "partial"}], "role": "CISA Coordinator", "timestamp": "2024-05-02T17:25:37.761013Z", "version": "2.0.3"}}]}, "published": "2024-05-01T19:15:27.283", "references": [{"source": "[email protected]", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1"}, {"source": "[email protected]", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc"}, {"source": "[email protected]", "tags": ["Product"], "url": "https://github.com/stsaz/phiola/"}, {"source": "[email protected]", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/stsaz/phiola/issues/27"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.assets/image-20240420004701828.png"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/flowPointException-1.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/blob/master/phiola/flowPointException-1/poc/I0I72U~G"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/Helson-S/FuzzyTesting/tree/master/phiola/flowPointException-1/poc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://github.com/stsaz/phiola/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://github.com/stsaz/phiola/issues/27"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-670"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}