FS#54194 : [vlc] Arbitrary code execution and other vulnerabilities (CVE-2017-8310 to CVE-2017-8313)

FS#54194 - [vlc] Arbitrary code execution and other vulnerabilities (CVE-2017-8310 to CVE-2017-8313)

Attached to Project: Arch Linux
Opened by mpan (mpan) - Friday, 26 May 2017, 17:07 GMT
Last edited by Doug Newgard (Scimmia) - Monday, 29 May 2017, 03:22 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	2 mpan (mpan) (2017-05-29) Maxqia (Maxqia) (2017-05-28)
Private	No

Details

CVE-2017-8311: “Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.”

CVE-2017-8310 and CVE-2017-8312 are DoS, CVE-2017-8311 allows reading of process memory.

Fixed in 2.2.6 by:
* https://git.videolan.org/?p=vlc/vlc-2.2.git;a=blobdiff;f=modules/codec/subsdec.c;h=addd8c71f30d53558fffd19059b374be45cf0f8e;hp=1b4276e299a2a6668047231d29ac705ae93076ba;hb=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328;hpb=3477dba3d506de8d95bccef2c6b67861188f6c29
* https://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6
* https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=05b653355ce303ada3b5e0e645ae717fea39186c
* https://git.videolan.org/?p=vlc.git;a=blobdiff;f=modules/demux/subtitle.c;h=5e4fcdb7f25b2819f5441156c7c0ea2a7d112ca3;hp=2a75fbfb7c3f56b24b2e4498bbb8fe0aa2575974;hb=611398fc8d32f3fe4331f60b220c52ba3557beaa;hpb=075bc7169b05b004fa0250e4a4ce5516b05487a9

This task depends upon

Closed by Doug Newgard (Scimmia)
Monday, 29 May 2017, 03:22 GMT
Reason for closing: Fixed

Comment by mpan (mpan) - Monday, 29 May 2017, 03:21 GMT

2.2.6 in the repo, can be closed. However assigning an ASA to it would be nice.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#54194 - [vlc] Arbitrary code execution and other vulnerabilities (CVE-2017-8310 to CVE-2017-8313)

Details

Loading...