Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 439052 (CVE-2012-2772) - <media-video/libav-0.8.4: multiple vulnerabilities (CVE-2012-{2772,2775,2776,2777,2779,2784,2786,2787,2788,2789,2790,2793,2794,2796,2798,2800,2801,2802})
Summary: <media-video/libav-0.8.4: multiple vulnerabilities (CVE-2012-{2772,2775,2776,...
Status: RESOLVED FIXED
Alias: CVE-2012-2772
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/50963/
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-10-20 10:24 UTC by Agostino Sarubbo
Modified: 2014-06-26 23:37 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-10-20 10:24:42 UTC
1) Some errors within the libavcodec library when parsing ASF, QT, and WMV files can be exploited to corrupt memory.

2) An error within the "ff_compute_band_indexes()" function (libavcodec/mpegaudiodec.c) can be exploited to corrupt memory. 

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

Fixed in 0.8.4 still not released
Comment 1 Agostino Sarubbo gentoo-dev 2012-10-25 12:09:55 UTC
From the upstream website:

October 22 2012

Today, we update our latest release series 0.8 with the release of Libav 0.8.4. This release contains several security and bug fixes.

The following bugs in our Bugzilla have been fixed:

#118: zzufed H.261 file crashes avconv signal 11 (SIGSEGV)
#203: scale filter has a rounding error
#245: Reading already freed mem when using vfilters pad and settb
#265: smacker audio decode regression
#277: avconv ignores audio bitrate -ab parameter
#310: avconv hangs when transcoding .flac files
#327: wmaprodec: Arithmetic exception
#352: Pad filter pass-through problem
#367: Crash in bmp_decode_frame() when decoding unusual bmp file
#373: y4m as input results in "filename.y4m: Operation not permitted"
#379: Regression in WAV files between 52.72. 2 and 53. 35. 0
#380: double free in option handling
This release contains security fixes for the following CVEs:

CVE-2012-2772
CVE-2012-2775
CVE-2012-2776
CVE-2012-2777
CVE-2012-2779
CVE-2012-2784
CVE-2012-2786
CVE-2012-2787
CVE-2012-2788
CVE-2012-2789
CVE-2012-2790
CVE-2012-2793
CVE-2012-2794
CVE-2012-2796
CVE-2012-2798
CVE-2012-2800
CVE-2012-2801
CVE-2012-2802

Arches, please test and mark stable:
=media-video/libav-0.8.4
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
Comment 2 Agostino Sarubbo gentoo-dev 2012-10-26 13:40:04 UTC
amd64 stable
Comment 3 Jeroen Roovers gentoo-dev 2012-10-26 16:57:36 UTC
Stable for HPPA.
Comment 4 Tobias Klausmann gentoo-dev 2012-10-27 12:27:53 UTC
Stable on alpha.
Comment 5 Anthony Basile gentoo-dev 2012-10-27 21:16:20 UTC
stable ppc64
Comment 6 Anthony Basile gentoo-dev 2012-10-28 12:30:18 UTC
stable ppc
Comment 7 Agostino Sarubbo gentoo-dev 2012-10-30 17:58:53 UTC
x86 stable
Comment 8 Markus Meier gentoo-dev 2012-11-19 21:11:16 UTC
arm stable
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2012-12-01 19:28:09 UTC
ia64/sparc stable
Comment 10 Sean Amoss gentoo-dev Security 2012-12-01 19:42:37 UTC
Thanks, everyone.

New GLSA request filed.
Comment 11 David Heidelberg (okias) 2014-03-03 00:17:46 UTC
oldest in tree libav-0.8.7, PLEASE CLOSE.

thx
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2014-06-26 23:37:30 UTC
This issue was resolved and addressed in
 GLSA 201406-28 at http://security.gentoo.org/glsa/glsa-201406-28.xml
by GLSA coordinator Chris Reffett (creffett).