ArchLinux: 201706-1: vlc: multiple issues
Summary
- CVE-2017-8310 (denial of service)
Heap out-of-bounds read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due
to a missing check of string termination allows attackers to read data
beyond allocated memory and potentially crash the process (causing a
denial of service) via a crafted subtitles file.
- CVE-2017-8311 (arbitrary code execution)
Potential heap-based buffer overflow in ParseJSS in VideoLAN VLC before
2.2.5 due to skipping the NULL terminator in an input string allows
attackers to execute arbitrary code via a crafted subtitles file.
- CVE-2017-8312 (denial of service)
Heap out-of-bounds read in ParseJSS in VideoLAN VLC due to a missing check
of string length allows attackers to read uninitialized heap data via a
crafted subtitles file.
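The bug class described for CVE-2017-8311 (a parser that steps over the string terminator), shown beside a bounded form. This is an added illustration, not VLC source and not part of the original advisory; the function names and the two-character backslash directive format are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration, not VLC source. Assumed format: a backslash
 * starts a two-character directive ("\N", "\I", ...) that is dropped. */

/* UNSAFE: if the line ends in a lone '\', src += 2 steps over the NUL
 * terminator; the loop then reads past the input and writes past dst. */
static size_t strip_unsafe(const char *src, char *dst)
{
    size_t n = 0;
    while (*src) {
        if (*src == '\\') { src += 2; continue; }
        dst[n++] = *src++;
    }
    dst[n] = '\0';
    return n;
}

/* HARDENED: never advance past the terminator and never write past
 * dst_size. Returns the output length, or -1 if dst is too small. */
static int strip_safe(const char *src, char *dst, size_t dst_size)
{
    size_t n = 0;
    if (dst_size == 0) return -1;
    while (*src) {
        if (*src == '\\') {
            if (src[1] == '\0') break;      /* dangling escape: stop here */
            src += 2;
            continue;
        }
        if (n + 1 >= dst_size) { dst[n] = '\0'; return -1; } /* room for NUL */
        dst[n++] = *src++;
    }
    dst[n] = '\0';
    return (int)n;
}

int main(void)
{
    char out[32];
    /* Constructed inputs; the unsafe variant only gets a well-formed line. */
    printf("unsafe, well-formed: %zu\n", strip_unsafe("ab\\Ncd", out));
    printf("safe, trailing '\\': %d (%s)\n",
           strip_safe("ab\\Ncd\\", out, sizeof out), out);
    printf("safe, dst too small: %d\n", strip_safe("abcd", out, 3));
    return 0;
}
```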
Resolution
Upgrade to 2.2.6-1.
# pacman -Syu "vlc>=2.2.6-1"
The problems have been fixed upstream in version 2.2.6.
References
https://bugs.archlinux.org/task/54194
;a=commitdiff;h=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328
;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6
;a=commitdiff;h=611398fc8d32f3fe4331f60b220c52ba3557beaa
https://security.archlinux.org/CVE-2017-8310
https://security.archlinux.org/CVE-2017-8311
https://security.archlinux.org/CVE-2017-8312
Workaround
None.