Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 635524 (CVE-2017-9051, CVE-2017-9987) - media-video/libav: Multiple vulnerabilities
Summary: media-video/libav: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-9051, CVE-2017-9987
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [ebuild cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-26 17:45 UTC by GLSAMaker/CVETool Bot
Modified: 2020-04-26 15:23 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-26 17:45:13 UTC
CVE-2017-9987 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9987):
  There is a heap-based buffer overflow in the function hpel_motion in
  mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote
  denial of service attack.

CVE-2017-9051 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9051):
  libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL
  pointer dereferencing in the nsv_read_chunk function in
  libavformat/nsvdec.c.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-26 17:46:46 UTC
@Maintainers vulnerable version is 12.1, we already have 12.2, proceed to cleanup please.

Thank you
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-01-24 23:41:32 UTC
Setting back to upstream until the fixes are verified across the various branches.
Comment 3 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-03-26 17:32:13 UTC
(In reply to GLSAMaker/CVETool Bot from comment #0)
> CVE-2017-9987 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9987):
>   There is a heap-based buffer overflow in the function hpel_motion in
>   mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote
>   denial of service attack.
> 

Still open upstream:

https://bugzilla.libav.org/show_bug.cgi?id=1067

> CVE-2017-9051 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9051):
>   libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL
>   pointer dereferencing in the nsv_read_chunk function in
>   libavformat/nsvdec.c.

https://bugzilla.libav.org/show_bug.cgi?id=1039

Fixed upstream and is in 12.{1,2,3} releases.
Comment 4 Larry the Git Cow gentoo-dev 2020-04-26 15:23:39 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ae1063b59ef317fdc6dd640b60437f6fb143a2ac

commit ae1063b59ef317fdc6dd640b60437f6fb143a2ac
Author:     Mikle Kolyada <zlogene@gentoo.org>
AuthorDate: 2020-04-26 15:14:48 +0000
Commit:     Mikle Kolyada <zlogene@gentoo.org>
CommitDate: 2020-04-26 15:22:46 +0000

    media-video/libav: remove last-rited pkg
    
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=452482
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=458768
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=470764
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=499256
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=509974
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=519602
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=525070
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=555114
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=564040
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=587054
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=588986
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=701952
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=538790
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=711206
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=489922
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=409957
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=445854
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=474408
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=509294
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=522350
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=546080
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=588482
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=603726
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=694082
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=634102
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=542186
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=635524
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=651218
    Closes: https://bugs.gentoo.org/show_bug.cgi?id=651220
    
    Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>

 media-video/libav/Manifest                    |   3 -
 media-video/libav/files/libav-12.3-x264.patch |  85 -------
 media-video/libav/libav-12.3.ebuild           | 350 --------------------------
 media-video/libav/libav-13_pre20171219.ebuild | 336 -------------------------
 media-video/libav/libav-9999.ebuild           | 339 -------------------------
 media-video/libav/metadata.xml                |  35 ---
 6 files changed, 1148 deletions(-)