SB2017012905 - Gentoo update for FFmpeg

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017012905

SB2017012905 - Gentoo update for FFmpeg

Published: January 29, 2017 Updated: January 29, 2017

Security Bulletin ID SB2017012905
Severity
Low
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Resource management error (CVE-ID: CVE-2016-7122)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.


2) Out-of-bounds read (CVE-ID: CVE-2016-7450)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file.


3) Out-of-bounds read (CVE-ID: CVE-2016-7502)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode.


4) Information disclosure (CVE-ID: CVE-2016-7555)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure.


5) Buffer overflow (CVE-ID: CVE-2016-7562)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.


6) Input validation error (CVE-ID: CVE-2016-7785)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.


7) NULL pointer dereference (CVE-ID: CVE-2016-7905)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointer used) via a crafted AVI file.


Remediation

Install update from vendor's website.

References