Bug #6818

Bug #6816: wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)

[3.5] wavpack: multiple out of bounds memory reads (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status: Closed
Priority: Normal
Assignee:
Category: Security
Target version:
Start date: 02/06/2017
Due date:
% Done: 100%
Estimated time:
Affected versions:
Security IDs:

Description

CVE-2016-10169: global buffer overread in read_code / read_words.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10170: Heap out of bounds read in WriteCaffHeader / caff.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10171: heap out of bounds read in unreorder_channels / wvunpack.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

CVE-2016-10172: Heap out of bounds read in read_new_config_info / open_utils.c

Fixed In Version:

wavpack 5.1.0

References:

http://seclists.org/oss-sec/2017/q1/221

Patch:

https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc

Associated revisions

Revision d43f57b0
Added by Sergei Lukin over 2 years ago

main/wavpack: security upgrade to 5.1.0 - fixes #6818

CVE-2016-10169: global buffer overread in read_code / read_words.c
CVE-2016-10170: Heap out of bounds read in WriteCaffHeader / caff.c
CVE-2016-10171: heap out of bounds read in unreorder_channels / wvunpack.c
CVE-2016-10172: Heap out of bounds read in read_new_config_info / open_utils.c

History

#1 Updated by Sergei Lukin over 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH over 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed
