Summary: | media-video/libav: multiple undefined behavior issues | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED OBSOLETE | ||
Severity: | minor | CC: | itumaykin+gentoo, media-video |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer/ | ||
Whiteboard: | B3 [ebuild/cve] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-03-27 09:13:20 UTC
CVE ID: CVE-2016-9819 Summary: libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. Published: 2017-03-01T15:59:00.000Z Just a short notice that upstream released 11.9, which has these problems fixed. (In reply to Coacher from comment #2) > Just a short notice that upstream released 11.9, which has these problems > fixed. Thank you! Upstream also released 12.1 a week ago, which fixes these problems in 12.x release series. See bug 619076. (In reply to Coacher from comment #2) > Just a short notice that upstream released 11.9, which has these problems > fixed. Only the first 4 bugs of the blgos post are fixed. Updating CVE Information: CVE ID: CVE-2016-8676 Summary: The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675. CVE ID: CVE-2016-9819 Summary: libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. CVE ID: CVE-2016-9820 Summary: libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. CVE ID: CVE-2016-9821 Summary: Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE ID: CVE-2016-9822 Summary: Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE ID: CVE-2016-9823 Summary: libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE ID: CVE-2016-9824 Summary: Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. CVE ID: CVE-2016-9825 Summary: libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. CVE ID: CVE-2016-9826 Summary: libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. |