Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 345559 (CVE-2010-4203)

Summary: <media-libs/libvpx-0.9.5: Remote Code Execution Vulnerability (CVE-2010-4203)
Product: Gentoo Security Reporter: Tim Sammut (RETIRED) <underling>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: media-video
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Tim Sammut (RETIRED) gentoo-dev 2010-11-15 04:20:46 UTC
livpx contains a vulnerability that could allow a remote attacker to execute code as the local user by enticing the user to open a crafted file. This is fixed in 0.9.5, which is already in the tree. 

@media-video, are we ok to begin stabilization of =media-libs/libvpx-0.9.5? Thanks!
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-12-03 07:50:36 UTC
Arches, please test and mark stable:
Target keywords : "amd64 x86"
Comment 2 Agostino Sarubbo gentoo-dev 2010-12-03 17:00:56 UTC
amd64 ok
Comment 3 Thomas Kahle (RETIRED) gentoo-dev 2010-12-03 18:15:31 UTC
On x86 I get 
    [STRIP] libvpx.a < libvpx_g.a
vp8/common/x86/vp8_asm_stubs.c.o: In function `vp8_sixtap_predict8x4_sse2':
vp8_asm_stubs.c:(.text+0x43): undefined reference to `vp8_six_tap_mmx'
vp8_asm_stubs.c:(.text+0xab): undefined reference to `vp8_six_tap_mmx'
vp8_asm_stubs.c:(.text+0xce): undefined reference to `vp8_six_tap_mmx'
vp8_asm_stubs.c:(.text+0x130): undefined reference to `vp8_six_tap_mmx'
vp8/common/x86/vp8_asm_stubs.c.o: In function `vp8_sixtap_predict8x8_sse2':
vp8_asm_stubs.c:(.text+0x1b3): undefined reference to `vp8_six_tap_mmx'
vp8/common/x86/vp8_asm_stubs.c.o:vp8_asm_stubs.c:(.text+0x21b): more undefined references to `vp8_six_tap_mmx' follow
vp8/encoder/x86/variance_sse2.c.o: In function `vp8_sub_pixel_variance4x4_wmt':
variance_sse2.c:(.text+0xb39): undefined reference to `vp8_vp7_bilinear_filters_mmx'
variance_sse2.c:(.text+0xb7e): undefined reference to `vp8_filter_block2d_bil4x4_var_mmx'
vp8/encoder/x86/variance_sse2.c.o: In function `vp8_variance4x4_wmt':
variance_sse2.c:(.text+0xc8d): undefined reference to `vp8_get4x4var_mmx'
vp8/common/x86/subpixel_sse2.asm.o: In function `no symbol':
vp8/common/x86/subpixel_sse2.asm:(.text+0x76f): undefined reference to `vp8_bilinear_filters_mmx'
/usr/lib/gcc/i686-pc-linux-gnu/4.4.4/../../../../i686-pc-linux-gnu/bin/ld: vp8/common/x86/subpixel_sse2.asm.o: relocation R_386_GOTOFF against undefined symbol `vp8_bilinear_filters_mmx' can not be used when making a shared object
/usr/lib/gcc/i686-pc-linux-gnu/4.4.4/../../../../i686-pc-linux-gnu/bin/ld: final link failed: Bad value
collect2: ld returned 1 exit status

when enabling USE='-mmx sse2'

Is this expected?
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2010-12-03 22:32:57 UTC
(In reply to comment #3)
> On x86 I get 

 I can reproduce on x86.
Comment 5 Agostino Sarubbo gentoo-dev 2010-12-03 22:59:27 UTC
(In reply to comment #4)
> (In reply to comment #3)
> > On x86 I get 
>  I can reproduce on x86.

Same here on amd64.
Comment 6 Christian Faulhammer (RETIRED) gentoo-dev 2010-12-09 09:00:43 UTC
No regression, we did not catch that on the first stabilisation, so x86 stable.
Comment 7 Markos Chandras (RETIRED) gentoo-dev 2010-12-10 21:46:00 UTC
Well, amd64 will do the same. No regression. Thanks Agostino
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2010-12-13 01:15:30 UTC
Thanks, folks. GLSA request filed.
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2011-01-15 02:17:44 UTC
Thanks, folks. This was published as GLSA 201101-03.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-09-11 00:12:02 UTC
CVE-2010-4203 (
  WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome
  before 7.0.517.44, allows remote attackers to cause a denial of service
  (memory corruption) or possibly execute arbitrary code via invalid frames.