Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 646770 (CVE-2018-5251, CVE-2018-5294, CVE-2018-6315, CVE-2018-6358, CVE-2018-6359) - <media-libs/ming-0.20181112: Multiple vulnerabilities
Summary: <media-libs/ming-0.20181112: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2018-5251, CVE-2018-5294, CVE-2018-6315, CVE-2018-6358, CVE-2018-6359
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/libming/libming/is...
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks: CVE-2017-9988, CVE-2017-9989 CVE-2017-11728, CVE-2017-11729, CVE-2017-11730, CVE-2017-11731, CVE-2017-11732, CVE-2017-11733, CVE-2017-11734
  Show dependency tree
 
Reported: 2018-02-06 14:44 UTC by GLSAMaker/CVETool Bot
Modified: 2019-04-24 23:58 UTC (History)
1 user (show)

See Also:
Package list:
=media-libs/ming-0.20181112
Runtime testing required: Yes
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-06 14:44:48 UTC 
CVE-2018-6359 (https://nvd.nist.gov/vuln/detail/CVE-2018-6359):
  The decompileIF function (util/decompile.c) in libming through 0.4.8 is
  vulnerable to a use-after-free, which may allow attackers to cause a denial
  of service or unspecified other impact via a crafted SWF file.

CVE-2018-6358 (https://nvd.nist.gov/vuln/detail/CVE-2018-6358):
  The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is
  vulnerable to a heap-based buffer overflow, which may allow attackers to
  cause a denial of service or unspecified other impact via a crafted FDB
  file.

CVE-2018-6315 (https://nvd.nist.gov/vuln/detail/CVE-2018-6315):
  The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through
  0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read,
  which may allow attackers to cause a denial of service or unspecified other
  impact via a crafted SWF file.

CVE-2018-5294 (https://nvd.nist.gov/vuln/detail/CVE-2018-5294):
  In libming 0.4.8, there is an integer overflow (caused by an out-of-range
  left shift) in the readUInt32 function (util/read.c). Remote attackers could
  leverage this vulnerability to cause a denial-of-service via a crafted swf
  file.

CVE-2018-5251 (https://nvd.nist.gov/vuln/detail/CVE-2018-5251):
  In libming 0.4.8, there is an integer signedness error vulnerability (left
  shift of a negative value) in the readSBits function (util/read.c). Remote
  attackers can leverage this vulnerability to cause a denial of service via a
  crafted swf file.
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2019-04-05 01:10:12 UTC 
All are fixed in master.  Snapshot release covers all.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2019-04-05 01:30:52 UTC 
@arches, please stabilize.
Comment 3 Agostino Sarubbo gentoo-dev 2019-04-05 20:47:24 UTC 
amd64 stable
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2019-04-07 21:37:36 UTC 
hppa stable
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2019-04-07 21:42:53 UTC 
ia64 stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2019-04-07 21:49:02 UTC 
ppc64 stable
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2019-04-08 06:08:54 UTC 
ppc stable
Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev 2019-04-10 17:05:46 UTC 
x86 stable
Comment 9 Rolf Eike Beer archtester 2019-04-11 19:43:35 UTC 
sparc stable
Comment 10 Yury German Gentoo Infrastructure gentoo-dev 2019-04-19 01:47:53 UTC 
arm / alpha please complete stabilization.
New GLSA Request filed.
Comment 11 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-04-20 17:57:07 UTC 
alpha stable
Comment 12 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-04-20 18:40:32 UTC 
arm stable
Comment 13 Aaron Bauman (RETIRED) gentoo-dev 2019-04-21 01:49:16 UTC 
tree is clean
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2019-04-24 23:58:35 UTC 
This issue was resolved and addressed in
 GLSA 201904-24 at https://security.gentoo.org/glsa/201904-24
by GLSA coordinator Aaron Bauman (b-man).