Bug 687766 (CVE-2018-13440, CVE-2018-17095) - media-libs/audiofile: multiple vulnerabilities
Summary: media-libs/audiofile: multiple vulnerabilities
Status: UNCONFIRMED
Alias: CVE-2018-13440, CVE-2018-17095
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: A3 [upstream+/ebuild]
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-10 03:44 UTC by D'juan McDonald (domhnall)
Modified: 2019-06-10 22:47 UTC

See Also:
Package list:
Runtime testing required: ---


Description D'juan McDonald (domhnall) 2019-06-10 03:44:32 UTC
(https://nvd.nist.gov/vuln/detail/CVE-2018-17095):

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.

Upstream Reference: https://github.com/mpruett/audiofile/issues/50


(https://nvd.nist.gov/vuln/detail/CVE-2018-13440):

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert.

Upstream Reference: https://github.com/mpruett/audiofile/issues/49


@security, on Thu, 06 Jun 2019 Debian announced a fix for issues [CVE-2018-13440] and [CVE-2018-17095]. However, upstream's last changelog entry was 3 years ago and is non-descriptive of the fix.

"2016-08-29  Michael Pruett <michael@68k.org>

* libaudiofile/modules/SimpleModule.h:
Fix undefined behavior in sign conversion."


On March 26, 2019 there was https://github.com/mpruett/audiofile/issues/53 saying: 
"Can you please roll a new release with all these security fixes?"

Gentoo's last interest in security for this package was on 2017-06-17, in bug #614046.



Gentoo Security Padawan
(domhnall)
Comment 1 Agostino Sarubbo gentoo-dev 2019-06-10 10:28:43 UTC
CVE-2018-17095 seems a duplicate of CVE-2017-6836