Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 552320 (CVE-2015-3417) - <media-video/libav-11.4: multiple vulnerabilities (CVE-2015-{3395,3417})
Summary: <media-video/libav-11.4: multiple vulnerabilities (CVE-2015-{3395,3417})
Status: RESOLVED FIXED
Alias: CVE-2015-3417
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://seclists.org/bugtraq/2015/Jun/80
Whiteboard: A2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-16 19:22 UTC by Bernd Wernerus
Modified: 2017-08-09 01:46 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Bernd Wernerus 2015-06-16 19:22:41 UTC
The CVEs CVE-2015-3395 & CVE-2015-3417 have been fixed in libav-11.4:
http://seclists.org/bugtraq/2015/Jun/80
https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.4

Reproducible: Always
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2015-06-21 00:38:26 UTC
CVE-2015-3417 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3417):
  Use-after-free vulnerability in the ff_h264_free_tables function in
  libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a
  denial of service or possibly have unspecified other impact via crafted
  H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that
  references H.264 data.

CVE-2015-3395 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3395):
  The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x
  before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before
  2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to
  have unspecified impact via a crafted image, related to a pixel pointer,
  which triggers an out-of-bounds array access.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-12-23 17:35:18 UTC
Ping. We need to fix this, Debian has had a fix since 13 Jun 2015. It is almost January of 2016.

Please advise.
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2016-02-14 18:37:42 UTC
Version 11.4 in tree
media-video/libav: Update the version 
Luca Barbato, 25 Jan 23:19, commit 501fd5e1

Are we ready to go stable?
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2016-04-26 07:15:56 UTC
Ok lets try this again! Two versions in tree that fix this.
11.4, 11.6

Which one do you want to call for stabilization on?
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2017-04-19 06:08:49 UTC
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2017-05-09 19:55:22 UTC
This issue was resolved and addressed in
 GLSA 201705-08 at https://security.gentoo.org/glsa/201705-08
by GLSA coordinator Kristian Fiskerstrand (K_F).
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2017-05-25 06:02:41 UTC
Reopening Bug for cleanup 
Maintainer(s), please drop the vulnerable version(s).
Comment 8 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-08-09 01:46:48 UTC
this bug depends on a bug that already has a cleanup set on <11.8.  Thus, that cleanup will take care of this.  Closing.