#12133: vlc-3.0.7
-------------------------+------------------------
 Reporter:  renodr       |       Owner:  blfs-book
     Type:  enhancement  |      Status:  new
 Priority:  high         |   Milestone:  8.5
Component:  BOOK         |     Version:  SVN
 Severity:  normal       |  Resolution:
 Keywords:               |
-------------------------+------------------------
Changes (by renodr):

 * priority:  normal => high

Comment:

{{{
Now vlc-3.0.7.1.

{{{
After 100 million downloads of 3.0.6, VideoLAN is releasing today the VLC
3.0.7 release, focusing on numerous security fixes, improving HDR support
on Windows, and Blu-ray menu support.
}}}

{{{
Security Advisory 1901

Summary           : Read buffer overflow & double free
Date              : June 2019
Affected versions : VLC media player 3.0.6 and earlier
ID                : VideoLAN-SA-1901
CVE reference     : CVE-2019-5439, CVE-2019-12874

Details
A remote user can create some specially crafted avi or mkv files that,
when loaded by the target user, will trigger a heap buffer overflow (read)
in ReadFrame (demux/avi/avi.c), or a double free in
zlib_decompress_extra() (demux/mkv/utils.cpp) respectively.

Impact
If successful, a malicious third party could trigger either a crash of VLC
or an arbitrary code execution with the privileges of the target user.

Threat mitigation
Exploitation of those issues requires the user to explicitly open a
specially crafted file or stream.

Workarounds
The user should refrain from opening files from untrusted third parties or
accessing untrusted remote sites (or disable the VLC browser plugins),
until the patch is applied.

Solution
VLC media player 3.0.7 addresses the issues.
This release also fixes an important security issue that could lead to
code execution when playing an AAC file.

Credits
The MKV double free vulnerability was reported by Symeon Paraschoudis from
Pen Test Partners

References
The VideoLAN project
    http://www.videolan.org/
VLC official GIT repository
    http://git.videolan.org/?p=vlc.git
}}}

{{{
Description
===========

- CVE-2019-5439 (arbitrary code execution)

VideoLAN VLC media player 3.0.6 and earlier has an out-of-bounds write in
the ReadFrame function of the AVI decoder.

- CVE-2019-12874 (arbitrary code execution)

VideoLAN VLC media player 3.0.6 and earlier has a double-free in the
zlib_decompress_extra function of the Matroska demuxer in
modules/demux/mkv/util.cpp.
}}}
}}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12133#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch