Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 624984 - media-libs/libmtp-1.1.12 CVE-2017-9831, CVE-2017-9832
Summary: media-libs/libmtp-1.1.12 CVE-2017-9831, CVE-2017-9832
Status: RESOLVED DUPLICATE of bug 623634
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Linux bug wranglers
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-14 12:12 UTC by Andrey Ovcharov
Modified: 2017-07-14 12:13 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrey Ovcharov 2017-07-14 12:12:50 UTC
https://nvd.nist.gov/vuln/detail/CVE-2017-9831

"An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable."

https://nvd.nist.gov/vuln/detail/CVE-2017-9832

"An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable."
Comment 1 Andrey Ovcharov 2017-07-14 12:13:38 UTC

*** This bug has been marked as a duplicate of bug 623634 ***