Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 235238 (CVE-2008-3732) - media-video/vlc <0.8.6i-r1 TTA Processing Integer Overflow (CVE-2008-3732)
Summary: media-video/vlc <0.8.6i-r1 TTA Processing Integer Overflow (CVE-2008-3732)
Status: RESOLVED FIXED
Alias: CVE-2008-3732
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/31512/
Whiteboard: B2 [glsa]
Keywords:
Depends on: CVE-2008-3794
Blocks:
  Show dependency tree
 
Reported: 2008-08-19 22:25 UTC by Robert Buchholz (RETIRED)
Modified: 2008-09-07 19:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-08-19 22:25:31 UTC
Secunia writes:
g_ has discovered a vulnerability in VLC Media Player, which
potentially can be exploited by malicious people to compromise a
user's system.

The vulnerability is caused due to an integer overflow error within
the "Open()" function in modules/demux/tta.c. This can be exploited
to cause a heap-based buffer overflow via specially crafted TTA
data.

Successful exploitation may potentially allow execution of arbitrary
code.

The vulnerability is confirmed in version 0.8.6i. Other versions may
also be affected.

SOLUTION:
Do not open untrusted files using VLC Media Player.

PROVIDED AND/OR DISCOVERED BY:
g_, Orange Bat

ORIGINAL ADVISORY:
http://www.orange-bat.com/adv/2008/adv.08.16.txt
Comment 1 Alexis Ballier gentoo-dev 2008-08-22 09:09:26 UTC
0.8.6i-r1 is fixed and is the stable candidate. 0.9 (ie for ~arch) will be fixed when 0.9.0 final will be released (it was expected this week end last I heard).
There will probably be no 0.8.6j release but 0.9.0 is still too young, so we shall go with a -r1.

Also, please have a look at:
http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048308.html
Comment 2 Robert Buchholz (RETIRED) gentoo-dev 2008-08-22 09:44:54 UTC
(In reply to comment #1)
> Also, please have a look at:
> http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048308.html

Thanks for the pointer. 'very unlikely' is not good enough to decrease severity, but good to know. Concerning CVE not contacting upstream: That's normal procedure, often the information gets upstream through distributions.

Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-08-22 09:45:50 UTC
Arches, please test and mark stable:
=media-video/vlc-0.8.6i-r1
Target keywords : "alpha amd64 ppc sparc x86"
Comment 4 Friedrich Oslage (RETIRED) gentoo-dev 2008-08-22 18:47:05 UTC
sparc stable
Comment 5 Markus Meier gentoo-dev 2008-08-22 20:53:36 UTC
amd64/x86 stable
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-08-24 13:46:14 UTC
arches, please stable per bug 235589.
Comment 7 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-09-07 19:31:06 UTC
GLSA 200809-06