Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 626414 (CVE-2017-11719) - <media-video/ffmpeg-3.3.3: Denial of Service (CVE-2017-11719)
Summary: <media-video/ffmpeg-3.3.3: Denial of Service (CVE-2017-11719)
Status: RESOLVED FIXED
Alias: CVE-2017-11719
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2017-11399
Blocks:
  Show dependency tree
 
Reported: 2017-07-28 07:43 UTC by Aleksandr Wagner (Kivak)
Modified: 2017-10-26 00:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Wagner (Kivak) 2017-07-28 07:43:23 UTC 
CVE-2017-11719 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719):

The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file. 

References:

Commit in master branch
https://github.com/FFmpeg/FFmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92

Commit in release/3.3 branch
https://github.com/FFmpeg/FFmpeg/commit/47c0626ec721749b28df1c61c481e318e50058e4
Comment 1 Alexis Ballier gentoo-dev 2017-07-30 14:27:34 UTC 
3.2.6 is vulnerable and probably older versions too

3.3.3 has the fix and can go stable
Comment 2 Alexis Ballier gentoo-dev 2017-08-26 15:22:30 UTC 
note: 3.3.3 can go stable; but bug #626414 is not yet fixed
Comment 3 Alexis Ballier gentoo-dev 2017-08-26 15:22:52 UTC 
(In reply to Alexis Ballier from comment #2)
> note: 3.3.3 can go stable; but bug #626414 is not yet fixed

bug #627220 I mean
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2017-10-26 00:40:29 UTC 
GLSA Vote: No

Cleanup handled in bug #630460