Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 559170 (CVE-2015-6749) - <media-sound/vorbis-tools-1.4.0-r3: buffer overflow in aiff_open()
Summary: <media-sound/vorbis-tools-1.4.0-r3: buffer overflow in aiff_open()
Status: RESOLVED FIXED
Alias: CVE-2015-6749
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-30 14:12 UTC by Agostino Sarubbo
Modified: 2017-12-10 21:35 UTC (History)
1 user (show)

See Also:
Package list:
=media-sound/vorbis-tools-1.4.0-r3
Runtime testing required: No
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-08-30 14:12:35 UTC 
From ${URL} :

Name : vorbis-tool
Affected Version: <= Revision 19495
URL : https://wiki.xiph.org/Vorbis-tools

Description :
An issue was found in oggenc/audio.c when it tries to open invalid AIFF file.

274    if(fread(buffer,1,len,in) < len)
The input buffer and length can be controlled by user indirectly via:

260    if(!find_aiff_chunk(in, "COMM", &len))

More info can be found at :
https://trac.xiph.org/ticket/2212



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-17 16:21:45 UTC 
ebuild submitted.

needs to be tested
Comment 2 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-21 13:14:39 UTC 
Stable on all arches, cleanup needed and glsa vote
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2017-08-09 22:00:02 UTC 
ia64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-08-10 07:01:22 UTC 
amd64 stable
Comment 5 Markus Meier gentoo-dev 2017-08-10 19:55:54 UTC 
arm stable
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-18 20:12:04 UTC 
x86 stable
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2017-08-30 01:30:05 UTC 
Arches - PPC / PPC64 / Alpha / hppa needs to be completed.
Comment 8 Matt Turner gentoo-dev 2017-08-31 15:21:22 UTC 
alpha stable
Comment 9 Aaron Bauman (RETIRED) gentoo-dev 2017-09-10 22:17:07 UTC 
sparc was dropped to exp.

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5901d8f716555a1479f12313a2925fcadd177a9
Comment 10 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-20 21:04:18 UTC 
hppa stable
Comment 11 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-26 08:56:46 UTC 
ppc/ppc64 stable
Comment 12 Yury German Gentoo Infrastructure gentoo-dev 2017-10-02 06:34:31 UTC 
New GLSA Request filed.
Comment 13 Yury German Gentoo Infrastructure gentoo-dev 2017-10-02 06:36:43 UTC 
Maintainer(s), please drop the vulnerable version(s).
Comment 14 Aaron Bauman (RETIRED) gentoo-dev 2017-10-08 21:32:51 UTC 
Downgraded to B3. No PoC for ACE/RCE.

GLSA Vote: No

Maintainers, please clean the vulnerable.
Comment 16 Sergei Trofimovich (RETIRED) gentoo-dev 2017-12-10 21:35:28 UTC 
sparc stable (thanks to Rolf Eike Beer)