Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
89
security advisorycritical issuebuffer overflowUbuntu 20.04: UBUNTU-2021-2e4d893e54 High: libexample Heap Corruption
Update mediainfo.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-3b67623d93 2021-04-06 01:03:31.227619 --------------------------------------------------------------------------------Name : libmediainfo Product : Fedora 33 Version : 21.03 Release : 1.fc33 URL : https://mediaarea.net/en/MediaInfo Summary : Library for supplies technical and tag information about a video or audio file Description : This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? * General: title, author, director, album, track number, date, duration... * Video: codec, aspect, fps, bitrate... * Audio: codec, sample rate, channels, language, bitrate... * Text: language of subtitle * Chapters: number of chapters, list of chapters DivX, XviD, H263, H.263, H264, x264, ASP, AVC, iTunes, MPEG-1, MPEG1, MPEG-2, MPEG2, MPEG-4, MPEG4, MP4, M4A, M4V, QuickTime, RealVideo, RealAudio, RA, RM, MSMPEG4v1, MSMPEG4v2, MSMPEG4v3, VOB, DVD, WMA, VMW, ASF, 3GP, 3GPP, 3GP2 What format (container) does MediaInfo support? * Video: MKV, OGM, AVI, DivX, WMV, QuickTime, Real, MPEG-1, MPEG-2, MPEG-4, DVD (VOB) (Codecs: DivX, XviD, MSMPEG4, ASP, H.264, AVC...) * Audio: OGG, MP3, WAV, RA, AC3, DTS, AAC, M4A, AU, AIFF * Subtitles: SRT, SSA, ASS, SAMI --------------------------------------------------------------------------------Update Information: Update mediainfo. --------------------------------------------------------------------------------ChangeLog: * Sun Mar 28 2021 Vasiliy N. Glazov - 21.03-1 - Update to 21.03 * Tue Jan 26 2021 Fedora Release Engineering - 20.09-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1940984 - CVE-2020-26797 mediainfo: heap-basedbuffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1940984 [ 2 ] Bug #1940986 - CVE-2020-26797 libmediainfo: mediainfo: heap-based buffer overflow via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1940986 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-3b67623d93' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2021
Fedora
197
security advisorydenial of servicesoftware updateDebian LTS DLA-1809-1 Moderate: libav Denial of Service Fix
Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. . Package : libav Version : 6:11.12-1~deb8u7 CVE ID : CVE-2018-15822 CVE-2019-11338 Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flv_write_packet function in libavformat/flvenc.c in libav did not check for an empty audio packet, leading to an assertion failure. CVE-2019-11338 libavcodec/hevcdec.c in libav mishandled detection of duplicate first slices, which allowed remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. For Debian 8 "Jessie", these problems have been fixed in version 6:11.12-1~deb8u7. We recommend that you upgrade your libav packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail:
May 29, 2019
•Important
Debian LTS
89
security advisorybuffer overflowFedoraFedora 28 Security Update: SDL Buffer Overflow Issue Resolved
This release fixes a buffer overflow when processing RIFF/WAV files with in invalid MS ADPCM predictor.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-918aad6bd5 2019-03-20 21:17:00.935438 --------------------------------------------------------------------------------Name : SDL Product : Fedora 28 Version : 1.2.15 Release : 32.fc28 URL : http://www.libsdl.org/ Summary : A cross-platform multimedia library Description : Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. --------------------------------------------------------------------------------Update Information: This release fixes a buffer overflow when processing RIFF/WAV files with in invalid MS ADPCM predictor. --------------------------------------------------------------------------------ChangeLog: * Tue Mar 12 2019 Petr Pisar - 1.2.15-32 - Fix CVE-2019-7577 completely (a buffer overread in MS_ADPCM_nibble and MS_ADPCM_decode on an invalid predictor) (bug #1676510) * Fri Feb 15 2019 Petr Pisar - 1.2.15-31 - Fix CVE-2019-7577 (a buffer overread in MS_ADPCM_decode) (bug #1676510) - Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode) (bug #1676744) - Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode) (bug #1676750) - Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble) (bug #1676754) - Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble) (bug #1676754) - Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM) (bugs #1676752, #1676756) - Fix CVE-2019-7578 (a buffer overread in InitIMA_ADPCM) (bug #1676782) - Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP images with too high number of colors) (bugs #1677144, #1677157) - Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch) (bug #1677152) - Fix CVE-2019-7635 (a buffer overread when blitting aBMP image with pixel colors out the palette) (bug #1677159) - Reject 2, 3, 5, 6, 7-bpp BMP images (bug #1677159) --------------------------------------------------------------------------------References: [ 1 ] Bug #1676509 - CVE-2019-7577 SDL: Buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676509 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-918aad6bd5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 20, 2019
•Critical
Fedora
197
security advisorydenial of servicebuffer overflowDebian 8: DLA-1611-1 Critical: libav Denial Of Service Issues
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. . Package : libav Version : 6:11.12-1~deb8u2 CVE ID : CVE-2014-9317 CVE-2015-6761 CVE-2015-6818 CVE-2015-6820 CVE-2015-6821 CVE-2015-6822 CVE-2015-6825 CVE-2015-6826 CVE-2015-8216 CVE-2015-8217 CVE-2015-8363 CVE-2015-8364 CVE-2015-8661 CVE-2015-8662 CVE-2015-8663 CVE-2016-10190 CVE-2016-10191 Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2014-9317 The decode_ihdr_chunk function in libavcodec/pngdec.c allowed remote attackers to cause a denial of service (out-of-bounds heap access) and possibly had other unspecified impact via an IDAT before an IHDR in a PNG file. The issue got addressed by checking IHDR/IDAT order. CVE-2015-6761 The update_dimensions function in libavcodec/vp8.c in libav relies on a coefficient-partition count during multi-threaded operation, which allowed remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file. This issue has been resolved by using num_coeff_partitions in thread/buffer setup. The variable is not a constant and can lead to race conditions. CVE-2015-6818 The decode_ihdr_chunk function in libavcodec/pngdec.c did not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks. This has now been fixed by only allowing one IHDR chunk. Multiple IHDR chunks are forbidden in PNG. CVE-2015-6820 The ff_sbr_apply function in libavcodec/aacsbr.c did not check for a matching AAC frame syntax element beforeproceeding with Spectral Band Replication calculations, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted AAC data. This has now been fixed by checking that the element type matches before applying SBR. CVE-2015-6821 The ff_mpv_common_init function in libavcodec/mpegvideo.c did not properly maintain the encoding context, which allowed remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted MPEG data. The issue has been resolved by clearing pointers in ff_mpv_common_init(). This ensures that no stale pointers leak through on any path. CVE-2015-6822 The destroy_buffers function in libavcodec/sanm.c did not properly maintain height and width values in the video context, which allowed remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via crafted LucasArts Smush video data. The solution to this was to reset sizes in destroy_buffers() in avcodec/sanm.c. CVE-2015-6823 Other than stated in the debian/changelog file, this issue has not yet been fixed for libav in Debian jessie LTS. CVE-2015-6824 Other than stated in the debian/changelog file, this issue has not yet been fixed for libav in Debian jessie LTS. CVE-2015-6825 The ff_frame_thread_init function in libavcodec/pthread_frame.c mishandled certain memory-allocation failures, which allowed remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via a crafted file, as demonstrated by an AVI file. Clearing priv_data in avcodec/pthread_frame.c has resolved this and now avoids stale pointer in error case. CVE-2015-6826 The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c did notinitialize certain structure members, which allowed remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data. This issue got addressed by clearing pointers in ff_rv34_decode_init_thread_copy() in avcodec/rv34.c, which avoids leaving stale pointers. CVE-2015-8216 The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg omitted certain width and height checks, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. The issues have been fixed by adding a check for index to avcodec/mjpegdec.c in ljpeg_decode_yuv_scan() before using it, which fixes an out of array access. CVE-2015-8217 The ff_hevc_parse_sps function in libavcodec/hevc_ps.c did not validate the Chroma Format Indicator, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. A check of chroma_format_idc in avcodec/hevc_ps.c has now been added to fix this out of array access. CVE-2015-8363 The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c did not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allowed remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers. In avcodec/jpeg2000dec.c a check for duplicate SIZ marker has been added to fix this. CVE-2015-8364 Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c allowed remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data. A check of image dimensions has been added to the code (in avcodec/ivi.c) that fixes this integer overflow now. CVE-2015-8661 The h264_slice_header_init function in libavcodec/h264_slice.c did not validate the relationship between the number of threads and the number of slices, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. In avcodec/h264_slice.c now max_contexts gets limited when slice_context_count is initialized. This avoids an out of array access. CVE-2015-8662 The ff_dwt_decode function in libavcodec/jpeg2000dwt.c did not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. In avcodec/jpeg2000dwt.c a check of ndeclevels has been added before calling dwt_decode*(). This fixes an out of array access. CVE-2015-8663 The ff_get_buffer function in libavcodec/utils.c preserved width and height values after a failure, which allowed remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. Now, dimensions get cleared in ff_get_buffer() on failure, which fixes the cause for an out of array access. CVE-2016-10190 A heap-based buffer overflow in libavformat/http.c allowed remote web servers to execute arbitrary code via a negative chunk size in an HTTP response. In libavformat/http.c the length/offset-related variables have been made unsigned. This fix required inclusion of two other changes ported from ffmpeg upstream Git (commits 3668701f and 362c17e6). CVE-2016-10191 Another heap-based buffer overflow in libavformat/rtmppkt.c allowed remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches. By checking for packet size mismatched, this out of array access has been resolved. For Debian 8 "Jessie", these problems have been fixed in version 6:11.12-1~deb8u2. We recommend that you upgrade your libav packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail:
Dec 20, 2018
•Critical
Debian LTS
87
security advisorysoftware updatedebianDebian: DSA-4012-1 Urgent Security Update for Libav Component
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at ;a=blob;f=Changelog;hb=refs/tags/v11.11 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4012-1
Oct 31, 2017
•Important
Debian
91
security advisorygentoosoftware updateGentoo: GLSA-200804-17 Normal: Speex Code Execution Risk
Improper input validation in Speex might lead to array indexing vulnerabilities in multiple player applications.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200804-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Speex: User-assisted execution of arbitrary code Date: April 17, 2008 Bugs: #217715 ID: 200804-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Improper input validation in Speex might lead to array indexing vulnerabilities in multiple player applications. Background ========= Speex is an audio compression format designed for speech that is free of patent restrictions. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/speex < 1.2_beta3_p2 > = 1.2_beta3_p2 Description ========== oCERT reported that the Speex library does not properly validate the "mode" value it derives from Speex streams, allowing for array indexing vulnerabilities inside multiple player applications. Within Gentoo, xine-lib, VLC, gst-plugins-speex from the GStreamer Good Plug-ins, vorbis-tools, libfishsound, Sweep, SDL_sound, and speexdec were found to be vulnerable. Impact ===== A remote attacker could entice a user to open a specially crafted Speex file or network stream with an application listed above. This might lead to the execution of arbitrary code with privileges of the user playing the file. Workaround ========= There is no known workaround at this time. Resolution ========= All Speex users should upgrade to the latest version: #emerge --sync # emerge --ask --oneshot --verbose "> =media-libs/speex-1.2_beta3_p2" References ========= [ 1 ] CVE-2008-1686 https://www.cve.org/CVERecord?id=CVE-2008-1686 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200804-17 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to
Apr 17, 2008
Gentoo
91
security advisorygentoobuffer overflowGentoo: 200711-15 Advisory: Risks of FLAC Buffer Overflow Vulnerability
Multiple integer overflow vulnerabilities were found in FLAC possibly allowing for the execution of arbitrary code.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200711-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: FLAC: Buffer overflow Date: November 12, 2007 Bugs: #195700 ID: 200711-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple integer overflow vulnerabilities were found in FLAC possibly allowing for the execution of arbitrary code. Background ========= The Xiph.org Free Lossless Audio Codec (FLAC) library is the reference implementation of the FLAC audio file format. It contains encoders and decoders in library and executable form. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/flac < 1.2.1-r1 > = 1.2.1-r1 Description ========== Sean de Regge reported multiple integer overflows when processing FLAC media files that could lead to improper memory allocations resulting in heap-based buffer overflows. Impact ===== A remote attacker could entice a user to open a specially crafted FLAC file or network stream with an application using FLAC. This might lead to the execution of arbitrary code with privileges of the user playing the file. Workaround ========= There is no known workaround at this time. Resolution ========= All FLAC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/flac-1.2.1-r1" You should also run revdep-rebuild to rebuild any packages that depend on older versions of FLAC: # revdep-rebuild --library=libFLAC.* References ========= [ 1 ] CVE-2007-4619 https://www.cve.org/CVERecord?id=CVE-2007-4619 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200711-15 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to
Nov 12, 2007
Gentoo
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!