Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 10.10: USN-1015-1 Severity: Critical Libvpx DoS Vulnerability

Calendar Nov 10, 2010 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical risk Ubuntu libvpx
Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. [More...] 
==========================================================Ubuntu Security Notice USN-1015-1          November 10, 2010
libvpx vulnerability
CVE-2010-4203
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.10:
  libvpx0                         0.9.2-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

Details follow:

Christoph Diehl discovered that libvpx did not properly perform bounds
checking. If an application using libvpx opened a specially crafted
WebM file, an attacker could cause a denial of service or possibly execute
code as the user invoking the program.


Updated packages for Ubuntu 10.10:

  Source archives:

          Size/MD5:    11216 71651eb86d66635c6762bfbd09fc2dbe
          Size/MD5:     1915 acc3a3df81a1d44128642b82efd87500
          Size/MD5:  1197094 609370925b274aeaa29e94fc34c74957

  Architecture independent packages:

          Size/MD5:   213800 643f6dec01f57f032e3b0569fd740aea

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   317232 2bba15922882c45e09e00734cba97992
          Size/MD5:   513174 e7e4950eaeb1451d3b65877ee6160740
          Size/MD5:   242484 29757fcd05cb208a7417c80c0e1480be

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   295092 ad95c819c44989c1dffe857e8f5d7756
          Size/MD5:   482832 47d4ef6d2a62ee070301fe4b5872acd2
          Size/MD5:   221952 7ff75df2f1410385b6231d633eceeaec

  armel architecture (ARM Architecture):

          Size/MD5:   303772 a28b374676f0b28fb74cabea30cca822
          Size/MD5:   462142 a59e1096f88f18a844e37fabc99d1d7f
          Size/MD5:   244498 5bc6ca696e39ddc9af21a30856ff2177

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   279168 25295c9264836bdace7133836a634afb
          Size/MD5:   452792 c9c51d0c479379b19e77022992eb76ac
          Size/MD5:   218026 e4618be5cbce6571eae4810c9e80990f

Ubuntu 10.10: USN-1015-1 Severity: Critical Libvpx DoS Vulnerability

ubuntu
Calendar Grey November 10, 2010
Dist Ubuntu Esm H88
Enhance your framework to address the libvpx flaw leading to service interruptions and possible code execution threats.
Christoph Diehl discovered that libvpx did not properly perform bounds checking

Summary

Topics%20covered

Topics Covered

security advisory denial of service critical risk Ubuntu libvpx

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

libvpx vulnerability

Topics%20covered

Topics Covered

security advisory denial of service critical risk Ubuntu libvpx

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here