Summary: | <media-video/tsmuxer-2.6.16_p20220706: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | media-video |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/justdan96/tsMuxer/issues/395 | ||
See Also: | https://github.com/gentoo/gentoo/pull/14665 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-04-17 23:48:28 UTC
CVE-2021-34067: Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
Patch: https://github.com/justdan96/tsMuxer/commit/d77ed5e8dc701f64ed5da317b896879e621de865

CVE-2021-34068: Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
Patch: https://github.com/justdan96/tsMuxer/commit/ea879f3b915baa4f9d145ce44229f7b3b1952c30

CVE-2021-34069: Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
Patch: https://github.com/justdan96/tsMuxer/commit/9070a9917f45bcada64a16be3b280d5147f9074d

CVE-2021-34070: Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
Patch: https://github.com/justdan96/tsMuxer/commit/378377e9245549caf889988ca6c21807ec7f8873

CVE-2021-34071: Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.

Package list is empty or all packages have requested keywords.

PR related: https://github.com/gentoo/gentoo/pull/14665. After merging it can be bumped to desired revision.

CVE-2021-35344: tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function BitStreamReader::getCurVal in bitStream.h.

CVE-2021-35346: tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow via the function HevcSpsUnit::short_term_ref_pic_set(int) in hevc.cpp.

CVE-2021-45860 (https://github.com/justdan96/tsMuxer/pull/511): An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-2678966 allows attackers to cause a Denial of Service (DoS) via a crafted file.

CVE-2021-45861 (https://github.com/justdan96/tsMuxer/issues/478): There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277.

CVE-2021-45863 (https://github.com/justdan96/tsMuxer/issues/509): tsMuxer git-2678966 was discovered to contain a heap-based buffer overflow via the function HevcUnit::updateBits in hevc.cpp.

CVE-2021-45864 (https://github.com/justdan96/tsMuxer/pull/480): tsMuxer git-c6a0277 was discovered to contain a segmentation fault via DTSStreamReader::findFrame in dtsStreamReader.cpp.

Patches available and in nightly releases.

Updated https://github.com/gentoo/gentoo/pull/14665 to latest commit to address these vulnerabilities.

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3be5ebc85d013c7390db32d6fc5f10a88a127f30

commit 3be5ebc85d013c7390db32d6fc5f10a88a127f30
Author:     Azamat H. Hackimov <azamat.hackimov@gmail.com>
AuthorDate: 2020-02-15 08:19:44 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-09-01 17:45:18 +0000

media-video/tsmuxer: update to new version

Updated to opensourced (license is Apache-2.0) version available at
https://github.com/justdan96/tsMuxer

Resolved multiple vulnerabilities (CVE-2021-26805, CVE-2021-34067,
CVE-2021-34068, CVE-2021-34069, CVE-2021-34070, CVE-2021-34071,
CVE-2021-35344, CVE-2021-35346, CVE-2021-45860, CVE-2021-45861,
CVE-2021-45863, CVE-2021-45864)

Closes: https://bugs.gentoo.org/691814
Bug: https://bugs.gentoo.org/783519
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Signed-off-by: John Helmert III <ajak@gentoo.org>

 media-video/tsmuxer/Manifest                       |  1 +
 media-video/tsmuxer/metadata.xml                   |  3 ++
 .../tsmuxer/tsmuxer-2.6.16_p20220706.ebuild        | 40 ++++++++++++++++++++++
 3 files changed, 44 insertions(+)

And cleaned up in:

commit e88ac3aeaa3200e608c55bb95d408e2da74790c8
Author: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Date:   Wed Aug 31 22:40:24 2022 +0300

media-video/tsmuxer: drop 2.6.11-r1

Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/14665
Signed-off-by: John Helmert III <ajak@gentoo.org>

 delete mode 100644 media-video/tsmuxer/tsmuxer-2.6.11-r1.ebuild