Bug 634748 (CVE-2017-9990, CVE-2017-9995) - <media-video/ffmpeg-3.3.1: Multiple vulnerability
Summary: <media-video/ffmpeg-3.3.1: Multiple vulnerability
Status: RESOLVED FIXED
Alias: CVE-2017-9990, CVE-2017-9995
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-19 03:51 UTC by GLSAMaker/CVETool Bot
Modified: 2017-10-26 00:46 UTC

See Also:
Package list:
Runtime testing required: ---


Description GLSAMaker/CVETool Bot gentoo-dev 2017-10-19 03:51:20 UTC
CVE-2017-9995 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9995):
  libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate
  height and width data, which allows remote attackers to cause a denial of
  service (heap-based buffer overflow and application crash) or possibly have
  unspecified other impact via a crafted file.

CVE-2017-9990 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9990):
  Stack-based buffer overflow in the color_string_to_rgba function in
  libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to
  cause a denial of service (application crash) or possibly have unspecified
  other impact via a crafted file.


@Maintainers we have older versions, could you please confirm if those are vulnerable?

Thanks
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2017-10-26 00:46:41 UTC
GLSA Vote: No

Cleanup handled in bug #630460