Bug 627296 (CVE-2017-12678) - <media-libs/taglib-1.11.1-r1: pointer to cast allows denial of service (CVE-2017-12678)
Status: RESOLVED FIXED
Alias: CVE-2017-12678
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: C3 [noglsa cve ]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-08 07:12 UTC by Aleksandr Wagner (Kivak)
Modified: 2019-02-17 17:27 UTC

See Also:
Package list:
media-libs/taglib-1.11.1-r1
Runtime testing required: ---
stable-bot: sanity-check+


Description Aleksandr Wagner (Kivak) 2017-08-08 07:12:07 UTC
CVE-2017-12678 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12678):

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. 

References:

https://github.com/taglib/taglib/issues/829
https://github.com/taglib/taglib/pull/831

Patch:

https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6#diff-37f706c8696a7c1ca939b169c0a04d97
Comment 1 Andreas Sturmlechner gentoo-dev 2017-08-08 17:31:15 UTC
Thanks, fix pushed in git commit 96280e607739038a6f0ed6778fb3f01b82a5f534
Comment 2 Andreas Sturmlechner gentoo-dev 2017-08-13 07:18:24 UTC
Feel free to kick off stabilisation.
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-13 13:04:43 UTC
@ Arches,

please test and mark stable: =media-libs/taglib-1.11.1-r1
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2017-08-13 17:16:46 UTC
ia64 stable
Comment 5 Markus Meier gentoo-dev 2017-08-23 04:57:47 UTC
arm stable
Comment 6 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2017-08-25 22:18:57 UTC
amd64 stable
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-29 20:43:28 UTC
x86 stable
Comment 8 Matt Turner gentoo-dev 2017-08-31 15:22:04 UTC
alpha stable
Comment 9 Aaron Bauman (RETIRED) gentoo-dev 2017-09-10 22:18:00 UTC
sparc was dropped to exp.

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5901d8f716555a1479f12313a2925fcadd177a9
Comment 10 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-24 17:17:54 UTC
ppc64 stable
Comment 11 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-27 09:13:56 UTC
ppc stable
Comment 12 Sergei Trofimovich (RETIRED) gentoo-dev 2017-10-12 10:27:58 UTC
hppa/sparc stable (thanks to Rolf Eike Beer)
Comment 13 Aaron Bauman (RETIRED) gentoo-dev 2017-10-13 23:19:43 UTC
GLSA Vote: No

@maintainers, please clean.
Comment 14 Andreas Sturmlechner gentoo-dev 2017-10-14 00:13:02 UTC
Vulnerable versions dropped in git commit d68e6c03460539eb97f782bfb46fa894d843841d
Comment 15 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-14 00:29:34 UTC
Thank you all