Bug 251017

Summary: media-video/mplayer <1.0_rc2_p28058-r1 Stack Buffer Overflow (CVE-2008-5616)
Product: Gentoo Security
Reporter: Bruno Buss <bruno.buss>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
CC: dev, jackdachef, media-video, stupendoussteve
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://trapkit.de/advisories/TKADV2008-014.txt
Whiteboard: A2 [glsa]
Package list:
Runtime testing required: ---

Description Bruno Buss 2008-12-15 12:17:12 UTC
Description:
MPlayer contains a stack buffer overflow vulnerability while parsing 
malformed TwinVQ media files. The vulnerability may be exploited by a 
(remote) attacker to execute arbitrary code in the context of MPlayer.

Fix in SVN:
http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?r1=24723&r2=28150&pathrev=28150

Also from Secunia:
http://secunia.com/Advisories/33136/
Comment 1 stupendoussteve 2008-12-17 03:09:01 UTC
*** Bug 251277 has been marked as a duplicate of this bug. ***
Comment 2 stupendoussteve 2008-12-17 03:09:49 UTC
This has been assigned CVE-2008-5616
Comment 3 Steve Dibb (RETIRED) gentoo-dev 2008-12-17 15:15:56 UTC
Patch applied in mplayer-1.0_rc2_p28058-r1

Thanks, Bruno
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-12-17 16:11:45 UTC
CVE-2008-5616 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5616):
  Stack-based buffer overflow in the demux_open_vqf function in
  libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote
  attackers to execute arbitrary code via a malformed TwinVQ file.

Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-12-17 16:18:51 UTC
Arches, please test and mark stable:
=media-video/mplayer-1.0_rc2_p28058-r1
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2008-12-17 18:08:10 UTC
Stable for HPPA.
Comment 7 Markus Meier gentoo-dev 2008-12-17 20:10:47 UTC
amd64/x86 stable
Comment 8 Brent Baude (RETIRED) gentoo-dev 2008-12-18 17:18:58 UTC
ppc64 done
Comment 9 Tobias Scherbaum (RETIRED) gentoo-dev 2008-12-18 18:34:51 UTC
ppc stable
Comment 10 Robert Buchholz (RETIRED) gentoo-dev 2008-12-19 17:47:57 UTC
*** Bug 251567 has been marked as a duplicate of this bug. ***
Comment 11 Tobias Klausmann (RETIRED) gentoo-dev 2008-12-20 15:09:00 UTC
Stable on alpha.
Comment 12 Raúl Porcel (RETIRED) gentoo-dev 2008-12-22 20:00:55 UTC
ia64/sparc stable
Comment 13 Tobias Heinlein (RETIRED) gentoo-dev 2008-12-23 12:51:50 UTC
GLSA together with bug 239130 and bug 231836.
Comment 14 Tobias Heinlein (RETIRED) gentoo-dev 2009-01-12 19:51:44 UTC
GLSA 200901-07. Thanks everyone, sorry about the delay.