Bug 245313 (CVE-2008-4866) - media-video/ffmpeg <0.4.9_p20081014 libavformat/utils.c Multiple buffer overflows (CVE-2008-{4866,4867,4868,4869})
Status: RESOLVED FIXED
Alias: CVE-2008-4866
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://nvd.nist.gov/nvd.cfm?cvename=C...
Whiteboard: B2 [glsa]
Keywords:
Depends on: 245285
Blocks:
Reported: 2008-11-02 19:43 UTC by Stefan Behte (RETIRED)
Modified: 2009-03-20 08:31 UTC
Description Stefan Behte (RETIRED) gentoo-dev Security 2008-11-02 19:43:31 UTC
CVE-2008-4866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4866):
  Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9
  before r14715, as used by MPlayer, allow context-dependent attackers
  to have an unknown impact via vectors related to execution of DTS
  generation code with a delay greater than MAX_REORDER_DELAY.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-02 19:47:37 UTC
Name:      CVE-2008-4867
URL:       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4867
Published: 2008-10-31
Severity:
Description:

Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as
used by MPlayer, allows context-dependent attackers to have an unknown
impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.

Name:      CVE-2008-4868
URL:       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4868
Published: 2008-10-31
Severity:
Description:

Unspecified vulnerability in the avcodec_close function in
libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer,
has unknown impact and attack vectors, related to a free "on random
pointers."

Name:      CVE-2008-4869
URL:       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4869
Published: 2008-10-31
Severity:
Description:

FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to
cause a denial of service (memory consumption) via unknown vectors, aka
a "Tcp/udp memory leak."

Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-02 19:55:11 UTC
CVE-2008-4867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4867):
  Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as
  used by MPlayer, allows context-dependent attackers to have an
  unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE
  value.

CVE-2008-4868 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4868):
  Unspecified vulnerability in the avcodec_close function in
  libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer,
  has unknown impact and attack vectors, related to a free "on random
  pointers."

CVE-2008-4869 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4869):
  FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers
  to cause a denial of service (memory consumption) via unknown
  vectors, aka a "Tcp/udp memory leak."

Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-02 19:57:10 UTC
Sorry for the double-posting of the CVEs.
Comment 4 Samuli Suominen gentoo-dev 2008-12-13 22:43:54 UTC
Bug 245285 will close this, should Status Whiteboard be changed and arch teams also be CC'd here?
Comment 5 Samuli Suominen gentoo-dev 2008-12-15 16:29:46 UTC
(In reply to comment #4)
> Bug 245285 will close this, should Status Whiteboard be changed and arch teams
> also be CC'd here?
> 

alpha (blackbird) and x86 (me) stable
Comment 6 Ferris McCormick (RETIRED) gentoo-dev 2008-12-20 23:11:57 UTC
Sparc stable.
Comment 7 nixnut (RETIRED) gentoo-dev 2008-12-21 14:35:22 UTC
ppc stable
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2008-12-22 14:26:26 UTC
arm/ia64 stable
Comment 9 Samuli Suominen gentoo-dev 2008-12-22 14:37:49 UTC
Security: All archteams are done.
Comment 10 Robert Buchholz (RETIRED) gentoo-dev 2008-12-23 12:37:16 UTC
glsa request filed
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-03-20 08:31:57 UTC
GLSA 200903-33