{"vuid":"VU#924114","idnumber":"924114","name":"dr_flac contains an integer overflow vulnerability that allows for DoS when provided a crafted file","keywords":null,"overview":"### Overview\r\n\r\n[dr_flac](https://github.com/mackron/dr_libs/blob/master/dr_flac.h), an open-source FLAC audio decoder, part of the [dr_libs](https://github.com/mackron/dr_libs) audio decoder toolset, contains an integer overflow vulnerability allowing for denial of service (DoS) when provided a specific crafted file. An attacker can exploit this vulnerability through providing a tool that uses dr_flac a specially crafted file, and can cause the tool to crash. The vulnerability, tracked as CVE-2025-14369, has been patched in commit b2197b2 of dr_flac. In an enterprise situation, audio tools that use dr_flac may be susceptible to crashes or other abnormal behavior if they process attacker-controlled files.\r\n\r\n### Description\r\n\r\ndr_libs is an open-source audio decoding tool. It is made of three separate tools, dr_flac, dr_mp3, and dr_wav, which can decode FLAC, MP3, and WAV files respectively. \r\n\r\nAn integer overflow vulnerability has been discovered, tracked as CVE-2025-14369 within dr_libs. An attacker who can supply crafted input FLAC files to the tool may trigger allocation of a large amount of memory, leading to a crash or unintended function of the tool.\r\n\r\nDuring function, a single block of memory could be allocated to `totalPCMFrameCount` from the FLAC metadata without validation before the calculation of the bugger size. This could result in a specifically crafted file being allocated an arbitrary amount of memory space. \r\n\r\n### Impact\r\nAn attacker able to send input data in the form of FLAC files to the tool or other input stream that uses dr_flac could cause a crash or DoS attack.\r\n\r\n### Solution\r\nCommit b2197b2, released on GitHub, fixes the issue. Users should update to the latest version ASAP. All versions prior to commit b2197b2 are affected. \r\n\r\n### Acknowledgements\r\nThanks to the reporter who wishes to remain Maor Caplan.This document was written by Christopher Cullen.","clean_desc":null,"impact":null,"resolution":null,"workarounds":null,"sysaffected":null,"thanks":null,"author":null,"public":["https://github.com/mackron/dr_libs/commit/b2197b2eb7bb609df76315bebf44db4ec2a1aed0"],"cveids":["CVE-2025-14369"],"certadvisory":null,"uscerttechnicalalert":null,"datecreated":"2026-01-20T11:49:59.846989Z","publicdate":"2026-01-20T11:49:59.701624Z","datefirstpublished":"2026-01-20T11:49:59.863588Z","dateupdated":"2026-01-20T11:49:59.701617Z","revision":1,"vrda_d1_directreport":null,"vrda_d1_population":null,"vrda_d1_impact":null,"cam_widelyknown":null,"cam_exploitation":null,"cam_internetinfrastructure":null,"cam_population":null,"cam_impact":null,"cam_easeofexploitation":null,"cam_attackeraccessrequired":null,"cam_scorecurrent":null,"cam_scorecurrentwidelyknown":null,"cam_scorecurrentwidelyknownexploited":null,"ipprotocol":null,"cvss_accessvector":null,"cvss_accesscomplexity":null,"cvss_authentication":null,"cvss_confidentialityimpact":null,"cvss_integrityimpact":null,"cvss_availabilityimpact":null,"cvss_exploitablity":null,"cvss_remediationlevel":null,"cvss_reportconfidence":null,"cvss_collateraldamagepotential":null,"cvss_targetdistribution":null,"cvss_securityrequirementscr":null,"cvss_securityrequirementsir":null,"cvss_securityrequirementsar":null,"cvss_basescore":null,"cvss_basevector":null,"cvss_temporalscore":null,"cvss_environmentalscore":null,"cvss_environmentalvector":null,"metric":null,"vulnote":167}