Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 647
    • Issues 647
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 195
    • Merge Requests 195
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Issues
  • #9115

Closed
Open
Opened Jul 19, 2018 by Alicha CH@alichaReporter
  • Report abuse
  • New issue
Report abuse New issue

[3.9] ffmpeg: Multiple vulnerabilities (CVE-2018-7557, CVE-2018-10001, CVE-2018-12458, CVE-2018-13300, CVE-2018-13302)

CVE-2018-7557: The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers
to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

References:

https://nvd.nist.gov/vuln/detail/CVE-2018-7557

Patch:

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96

CVE-2018-10001: The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows
remote attackers to cause a denial of service (out of array read) via an AVI file.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2018-10001

Patch:

http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47b7c68ae54560e2308bdb6be4fb076c73b93081

CVE-2018-12458: An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in
FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2018-12458

Patch:

https://github.com/FFmpeg/FFmpeg/commit/e1182fac1afba92a4975917823a5f644bee7e6e8

CVE-2018-13300: In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample
function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a
crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2018-13300

Patch:

https://github.com/FFmpeg/FFmpeg/commit/95556e27e2c1d56d9e18f5db34d6f756f3011148

CVE-2018-13302: In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that
have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access
while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2018-13302

Patch:

https://github.com/FFmpeg/FFmpeg/commit/ed22dc22216f74c75ee7901f82649e1ff725ba50

(from redmine: issue id 9115, created on 2018-07-19, closed on 2018-08-29)

  • Relations:
    • copied_to #9114 (closed)
    • parent #9114 (closed)
  • Changesets:
    • Revision 2a92300f by Natanael Copa on 2018-08-28T13:49:05Z:
community/ffmpeg: security upgrade to 3.4.4

fixes #9115
fixes #9353
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
3.9.0
Milestone
3.9.0 (Past due)
Assign milestone
Time tracking
None
Due date
None
3
Labels
Normal tag:security type:bug
Assign labels
  • View project labels
Reference: alpine/aports#9115