lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20110810131939.GC23625@core.inversepath.com>
Date: Wed, 10 Aug 2011 15:19:39 +0200
From: Daniele Bianco <danbia@...rt.org>
To: oss-security@...ts.openwall.com, ocert-announce@...ts.ocert.org,
  bugtraq@...urityfocus.com
Subject: [oCERT-2011-002] libavcodec insufficient boundary check


#2011-002 libavcodec insufficient boundary check

Description:

The libavcodec library, an open source video encoding/decoding library part
of the FFmpeg and Libav projects, performs insufficient boundary check
against a buffer index. The missing check can result in arbitrary read/write
of data outside a destination buffer boundaries.

The vulnerability affects the Chinese AVS video (CAVS) file format decoder,
specially crafted CAVS files may lead to arbitrary code execution during
decoding.

Affected version:

FFmpeg <= 0.7.2, <= 0.8.1

Libav <= 0.7.1

The following packages were identified as affected as they statically
include libavcodec in their own packages.

MPlayer <= 1.0_rc4

Fixed version:

FFmpeg >= 0.7.3, >= 0.8.2

Libav, N/A

MPlayer, N/A

Credit: vulnerability report received from Emmanouel Kellinis.

CVE: N/A

Timeline:
2011-07-14: vulnerability report received
2011-07-15: contacted ffmpeg maintainers
2011-07-15: ffmpeg maintainer confirms the issue, preliminary patch is
            provided
2011-07-21: patch approved by reporter
2011-07-23: contacted affected vendors
2011-08-10: advisory release

Permalink:
http://www.ocert.org/advisories/ocert-2011-002.html

--
  Daniele Bianco      Open Source Computer Security Incident Response Team
  <danbia@...rt.org>                                  http://www.ocert.org

  GPG Key 0x9544A497
  GPG Key fingerprint = 88A7 43F4 F28F 1B9D 6F2D  4AC5 AE75 822E 9544 A497

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ