Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 918095 (CVE-2023-40474, CVE-2023-40475, CVE-2023-40476, SA-2023-0006, SA-2023-0007, SA-2023-0008, ZDI-CAN-21660, ZDI-CAN-21661, ZDI-CAN-21768)

Summary: <media-libs/gst-plugins-bad-1.22.11-r1: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: gstreamer, leio
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.openwall.com/lists/oss-security/2023/09/29/13
Whiteboard: A2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 928779    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-23 18:06:29 UTC 
https://gstreamer.freedesktop.org/security/sa-2023-0006.html reports:
   Details:
   Heap-based buffer overflow in the MXF file demuxer when handling malformed
   files with uncompressed video in GStreamer versions before 1.22.6.

   Impact:
   It is possible for a malicious third party to trigger a crash in the
   application, and possibly also effect code execution through heap
   manipulation.

   Patches:
   https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362.patch
   (includes patch for SA-2023-0007 / ZDI-CAN-21661 / CVE-2023-40475)

https://gstreamer.freedesktop.org/security/sa-2023-0007.html reports:
   Details:
   Heap-based buffer overflow in the MXF file demuxer when handling malformed
   files with AES3 audio in GStreamer versions before 1.22.6.

   Impact:
   It is possible for a malicious third party to trigger a crash in the
   application, and possibly also effect code execution through heap
   manipulation.

   Patches:
   https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362.patch
   (includes patch for SA-2023-0006 / ZDI-CAN-21660 / CVE-2023-40474)

https://gstreamer.freedesktop.org/security/sa-2023-0008.html reports:
   Details:
   Stack-based buffer overflow in the H.265 video parser when handling malformed
   H.265 video streams in GStreamer versions before 1.22.6.

   Impact:
   It is possible for a malicious third party to trigger a crash in the
   application, and possibly also effect code execution through stack
   manipulation.

   Patches:
   https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5364.patch

Fixes all in 1.22.6. Please bump.
Comment 1 Larry the Git Cow gentoo-dev 2024-04-30 08:28:02 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=921fdfc2e59cfb6143b33056ca4b215f65be248b

commit 921fdfc2e59cfb6143b33056ca4b215f65be248b
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2024-04-30 07:47:59 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2024-04-30 08:23:47 +0000

    media-libs/gst-plugins-bad: drop 1.20.5-r1, 1.20.6
    
    Bug: https://bugs.gentoo.org/918095
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 media-libs/gst-plugins-bad/Manifest                |   2 -
 .../gst-plugins-bad-1.20.5-r1.ebuild               | 104 ---------------------
 .../gst-plugins-bad/gst-plugins-bad-1.20.6.ebuild  | 104 ---------------------
 3 files changed, 210 deletions(-)
Comment 2 Larry the Git Cow gentoo-dev 2024-06-29 05:48:24 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=0715db682a941540ce2f4ccb909d8f446c05e0ce

commit 0715db682a941540ce2f4ccb909d8f446c05e0ce
Author:     Hans de Graaff <graaff@gentoo.org>
AuthorDate: 2024-06-29 05:46:23 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-06-29 05:46:23 +0000

    [ GLSA 202406-06 ] GStreamer, GStreamer Plugins: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/917791
    Bug: https://bugs.gentoo.org/918095
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202406-06.xml | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)