[3.6] libsndfile: Multiple vulnerabilities (CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365)
CVE-2017-8361: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer overflow and application crash) or possibly have unspecified
other impact via a crafted audio file.
Reference:
http://openwall.com/lists/oss-security/2017/05/01/1
Patch:
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
CVE-2017-8362: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(invalid read and application crash) via a crafted audio file.
Reference:
http://openwall.com/lists/oss-security/2017/05/01/2
Patch:
https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808
CVE-2017-8363: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted audio
file.
Reference:
http://openwall.com/lists/oss-security/2017/05/01/3
Patch:
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
CVE-2017-8365: The i2les_array function in pcm.c in libsndfile
allows attackers to cause a denial of service (buffer over-read
and application crash) via a crafted audio file.
Affected version:
1.0.28
Reference:
http://openwall.com/lists/oss-security/2017/05/01/5
Patch:
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
(from redmine: issue id 7441, created on 2017-06-16, closed on 2017-07-05)
- Relations:
- parent #7439 (closed)
- Changesets:
- Revision 56b47c64 by Natanael Copa on 2017-07-05T07:52:25Z:
main/libsndfile: fix CVE-2017-8361, CVE-2017-8362, CVE-2017-8363, CVE-2017-8365
fixes #7441