ArchLinux: 201605-11: mplayer: denial of service
Summary
A vulnerability has been discovered that is leading to a crash when playing a fuzzed gif file. The gif demuxes assumed in many places that width*height is <= INT_MAX, however this was not always true and was leading to an integer overflow.
Resolution
Upgrade to 37857-1.
# pacman -Syu "mplayer>=37857-1"
The problem has been fixed upstream in version 37857.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4352 https://www.openwall.com/lists/oss-security/2016/04/29/7 https://bugs.archlinux.org/task/49195 https://trac.mplayerhq.hu/ticket/2295
Workaround
None.