Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 651220 (CVE-2017-18242, CVE-2017-18243, CVE-2017-18244) - media-video/libav Multiple Vulnerabilities
Summary: media-video/libav Multiple Vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-18242, CVE-2017-18243, CVE-2017-18244
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal with 2 votes (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [upstream/ebuild cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-23 02:55 UTC by Michael Boyle
Modified: 2020-04-26 15:23 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Boyle 2018-03-23 02:55:49 UTC
CVE-2018-5766 (https://nvd.nist.gov/vuln/detail/CVE-2018-5766):
  In Libav through 12.2, there is an invalid memcpy in the av_packet_ref
  function of libavcodec/avpacket.c. Remote attackers could leverage this
  vulnerability to cause a denial of service (segmentation fault) via a
  crafted avi file.

CVE-2018-5684 (https://nvd.nist.gov/vuln/detail/CVE-2018-5684):
  In Libav through 12.2, there is an invalid memcpy call in the
  ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers
  could leverage this vulnerability to cause a denial of service (segmentation
  fault) and program failure with a crafted avi file.


@Maintainers, 12.2 is in tree, are we affected in previous versions?

Thank you

Mike Boyle Gentoo Security Padawan
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2018-03-23 03:02:08 UTC
CVE-2017-18244 (https://nvd.nist.gov/vuln/detail/CVE-2017-18244):
  The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows
  remote attackers to cause a denial of service (out-of-bounds read) via a
  crafted aac file, related to ff_ps_apply.

CVE-2017-18243 (https://nvd.nist.gov/vuln/detail/CVE-2017-18243):
  The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2
  allows remote attackers to cause a denial of service (segmentation fault)
  via a crafted file.

CVE-2017-18242 (https://nvd.nist.gov/vuln/detail/CVE-2017-18242):
  The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via a crafted aac file.
Comment 2 Michael Boyle 2018-03-23 03:07:52 UTC
https://pybin.pw/rw5jqt3c

12.3 is available to download
Comment 3 Martin Filo 2018-07-15 13:43:06 UTC
where is problem with libav-12.3 package?
simple copy of libav-12.2.ebuild to libav-12.3.ebuild will create working package without these security bugs
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2019-03-28 01:54:23 UTC
Please confirm this is fixed - 12.3 in tree.
Comment 5 Martin Filo 2019-04-07 21:12:31 UTC
libav-12.3 from tree working fine
Comment 6 Larry the Git Cow gentoo-dev 2020-04-26 15:23:32 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ae1063b59ef317fdc6dd640b60437f6fb143a2ac

commit ae1063b59ef317fdc6dd640b60437f6fb143a2ac
Author:     Mikle Kolyada <zlogene@gentoo.org>
AuthorDate: 2020-04-26 15:14:48 +0000
Commit:     Mikle Kolyada <zlogene@gentoo.org>
CommitDate: 2020-04-26 15:22:46 +0000

    media-video/libav: remove last-rited pkg
    
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=452482
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=458768
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=470764
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=499256
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=509974
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=519602
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=525070
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=555114
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=564040
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=587054
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=588986
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=701952
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=538790
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=711206
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=489922
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=409957
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=445854
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=474408
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=509294
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=522350
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=546080
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=588482
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=603726
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=694082
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=634102
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=542186
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=635524
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=651218
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=651220
    
    Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>

 media-video/libav/Manifest                    |   3 -
 media-video/libav/files/libav-12.3-x264.patch |  85 -------
 media-video/libav/libav-12.3.ebuild           | 350 --------------------------
 media-video/libav/libav-13_pre20171219.ebuild | 336 -------------------------
 media-video/libav/libav-9999.ebuild           | 339 -------------------------
 media-video/libav/metadata.xml                |  35 ---
 6 files changed, 1148 deletions(-)