Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 639770 (CVE-2017-17127, CVE-2017-17128, CVE-2017-17129, CVE-2017-17130)

Summary: <media-video/libav-12.3: Multiple vulnerabilities
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: media-video
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2017-12-04 14:25:27 UTC 
CVE-2017-17130 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17130):
  The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav
  12.2 allows remote attackers to cause a denial of service (heap-based buffer
  overflow and application crash) or possibly have unspecified other impact
  via a crafted file, related to vc1_decode_i_blocks_adv.

CVE-2017-17129 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17129):
  The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2
  allows remote attackers to cause a denial of service (segmentation fault and
  application crash) or possibly have unspecified other impact via a crafted
  file.

CVE-2017-17128 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17128):
  The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows
  remote attackers to cause a denial of service (segmentation fault and
  application crash) via a crafted file.

CVE-2017-17127 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17127):
  The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows
  remote attackers to cause a denial of service (NULL pointer dereference and
  application crash) via a crafted file.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-12-04 14:26:49 UTC 
@Maintainers please confirm if only 12.2 is affected. If not please call for stabilization when ready.

Thank you
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-03-26 16:28:40 UTC 
(In reply to GLSAMaker/CVETool Bot from comment #0)
> CVE-2017-17130 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17130):
>   The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav
>   12.2 allows remote attackers to cause a denial of service (heap-based
> buffer
>   overflow and application crash) or possibly have unspecified other impact
>   via a crafted file, related to vc1_decode_i_blocks_adv.
> 

Fix is in 12.3

> CVE-2017-17129 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17129):
>   The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2
>   allows remote attackers to cause a denial of service (segmentation fault
> and
>   application crash) or possibly have unspecified other impact via a crafted
>   file.
> 

Present in 12.3

> CVE-2017-17128 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17128):
>   The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2
> allows
>   remote attackers to cause a denial of service (segmentation fault and
>   application crash) via a crafted file.
> 

Upstream cannot reproduce. No response from reporter in over a year. Ignoring.

> CVE-2017-17127 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17127):
>   The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows
>   remote attackers to cause a denial of service (NULL pointer dereference and
>   application crash) via a crafted file.

Upstream cannot reproduce.  No response from reporter in over a year.  Ignorning.