Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 626348 (CVE-2017-9410, CVE-2017-9411, CVE-2017-9412) - <media-sound/lame-3.100: Multiple denial of service
Summary: <media-sound/lame-3.100: Multiple denial of service
Status: RESOLVED FIXED
Alias: CVE-2017-9410, CVE-2017-9411, CVE-2017-9412
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://nvd.nist.gov/vuln/detail/CVE-...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-07-27 10:38 UTC by Christopher Díaz Riveros (RETIRED)
Modified: 2018-01-15 16:06 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-27 10:38:18 UTC 
From URL:

The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted wav file.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-07-27 10:41:41 UTC 
References:

https://nvd.nist.gov/vuln/detail/CVE-2017-9411
https://nvd.nist.gov/vuln/detail/CVE-2017-9412

From [1]:

The fill_buffer_resample function in libmp3lame/util.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.


From [2]:

The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2018-01-15 16:06:27 UTC 
Package is a B and the DoS rates a 3.

GLSA Vote: No.

Cleanup will be handled in bug #634598