Bug 379297 (CVE-2011-3625) - <media-video/mplayer-1.0_rc4_p20110322-r1: SAMI Subtitle Parsing Buffer Overflow Vulnerability (CVE-2011-3625)
Status: RESOLVED FIXED
Alias: CVE-2011-3625
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/45598/
Whiteboard: B2 [glsa]
Duplicates: 385743
Reported: 2011-08-15 17:12 UTC by Agostino Sarubbo
Modified: 2013-10-25 19:17 UTC

Description Agostino Sarubbo gentoo-dev 2011-08-15 17:12:32 UTC
The vulnerability is caused due to a boundary error within the "sub_read_line_sami()" function in subreader.c and can be exploited to cause a stack-based buffer overflow via a specially crafted SAMI subtitle file.
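
The bug class named in the description, as an added sketch that is not MPlayer's code or the upstream patch: a tag-stripping copy of one SAMI line into a fixed-size buffer, with the bounds check whose absence produces a stack-based overflow. The names `sami_copy_text` and `sami_line_fits` and the `LINE_LEN` value are hypothetical, chosen for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define LINE_LEN 64 /* assumed size for this sketch, not MPlayer's value */
/* Hypothetical helper: copy the visible text of one SAMI line into
 * out[cap], dropping <tags> and turning <br> into '\n'. Returns bytes
 * written (excluding the NUL), or -1 if the text had to be truncated. */
static int sami_copy_text(const char *s, char *out, size_t cap)
{
    size_t n = 0;
    int truncated = 0;
    if (cap == 0) return -1;
    while (*s) {
        char c;
        if (*s == '<') {
            const char *end = strchr(s, '>');
            int is_br = (s[1] == 'b' || s[1] == 'B') &&
                        (s[2] == 'r' || s[2] == 'R') && s[3] == '>';
            if (!end) break; /* unterminated tag: ignore the rest */
            s = end + 1;
            if (!is_br) continue;
            c = '\n';
        } else {
            c = *s++;
        }
        /* The bounds check: an unchecked `out[n++] = c` here is what lets
         * an overlong line run past a fixed-size stack buffer. */
        if (n + 1 >= cap) {
            truncated = 1;
            break;
        }
        out[n++] = c;
    }
    out[n] = '\0';
    return truncated ? -1 : (int)n;
}

/* Caller with a fixed stack buffer: 1 if the line fit, 0 if truncated. */
static int sami_line_fits(const char *line)
{
    char text[LINE_LEN];
    return sami_copy_text(line, text, sizeof text) >= 0;
}

int main(void)
{
    printf("%d\n", sami_line_fits("<SYNC Start=1000><P>hi<br>there"));
    return 0;
}
```
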
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2011-08-20 02:55:23 UTC
The trivial change looks to be listed at: http://mplayerhq.hu/pipermail/mplayer-cvslog/2011-May/042075.html
Comment 2 Samuli Suominen (RETIRED) gentoo-dev 2011-10-06 13:02:12 UTC
*** Bug 385743 has been marked as a duplicate of this bug. ***
Comment 3 Samuli Suominen (RETIRED) gentoo-dev 2011-10-06 13:05:18 UTC
+*mplayer-1.0_rc4_p20110322-r1 (06 Oct 2011)
+
+  06 Oct 2011; Samuli Suominen <ssuominen@gentoo.org>
+  +mplayer-1.0_rc4_p20110322-r1.ebuild,
+  +files/mplayer-1.0_rc4_p20110322-sami_subtitle_parsing.patch:
+  Fix security bug (SAMI Subtitle Parsing Buffer Overflow) #379297 by Agostino
+  Sarubbo
Comment 4 Samuli Suominen (RETIRED) gentoo-dev 2011-10-06 13:06:01 UTC
And blocking bug 384701 because this version is required also for libpng15 compatibility.
Comment 5 Agostino Sarubbo gentoo-dev 2011-10-06 13:18:54 UTC
Thanks Samuli,

Arches, please test and mark stable:

=mplayer-1.0_rc4_p20110322-r1

target KEYWORDS : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Comment 6 Agostino Sarubbo gentoo-dev 2011-10-06 18:50:12 UTC
amd64 ok
Comment 7 Steve Dibb (RETIRED) gentoo-dev 2011-10-06 19:14:34 UTC
+  06 Oct 2011; Steve Dibb <beandog@gentoo.org>
+  mplayer-1.0_rc4_p20110322-r1.ebuild:
+  amd64 stable, security bug 379297
Comment 8 Ian Delaney (RETIRED) gentoo-dev 2011-10-06 19:19:51 UTC
amd64:

ok
Comment 9 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-10-08 18:48:01 UTC
x86 stable
Comment 10 Markus Meier gentoo-dev 2011-10-09 16:37:46 UTC
arm stable
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2011-10-09 17:05:49 UTC
Stable for HPPA.
Comment 12 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-10-09 17:17:13 UTC
ppc/ppc64 stable
Comment 13 Raúl Porcel (RETIRED) gentoo-dev 2011-10-12 15:24:14 UTC
alpha/ia64/sparc stable
Comment 14 Tim Sammut (RETIRED) gentoo-dev 2011-10-12 15:31:43 UTC
Thanks, everyone. Added to existing GLSA request.
Comment 15 Samuli Suominen (RETIRED) gentoo-dev 2011-10-12 15:48:25 UTC
(In reply to comment #4)
> And blocking bug 384701 because this version is required also for libpng15
> compatibility.

And removing now, since this is stable everywhere so it doesn't "show up" in the blockers list anymore. Sort of useless bugspam, sorry about that.
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2013-10-25 19:17:10 UTC
This issue was resolved and addressed in
 GLSA 201310-13 at http://security.gentoo.org/glsa/glsa-201310-13.xml
by GLSA coordinator Sean Amoss (ackle).