2015-01-18 20:41 GMT+01:00 Reinhard Tartler <siret...@gmail.com>: > Control: severity -1 important > > On Sat, Jan 17, 2015 at 2:56 PM, Sebastian Ramacher > <sramac...@debian.org> wrote: >> On 2014-12-20 23:31:11, Michael Gilbert wrote: >>> CVE-2014-8544[4]: >>> | libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate >>> | bits-per-pixel fields, which allows remote attackers to cause a denial >>> | of service (out-of-bounds access) or possibly have unspecified other >>> | impact via crafted TIFF data. >> >>> CVE-2014-8546[6]: >>> | Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 >>> | allows remote attackers to cause a denial of service (out-of-bounds >>> | access) or possibly have unspecified other impact via crafted Cinepak >>> | video data. >> >>> CVE-2014-9316[10]: >>> | The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg >>> | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows >>> | remote attackers to cause a denial of service (out-of-bounds heap >>> | access) and possibly have other unspecified impact via vectors related >>> | to LJIF tags in an MJPEG file. >> >>> CVE-2014-9318[11]: >>> | The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, >>> | 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to >>> | cause a denial of service (out-of-bounds heap access) and possibly >>> | have other unspecified impact via a crafted .cine file that triggers >>> | the avpicture_get_size function to return a negative frame size. >> >>> CVE-2014-9319[12]: >>> | The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg >>> | before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows >>> | remote attackers to cause a denial of service (out-of-bounds access) >>> | via a crafted .bit file. >> >>> [4] https://security-tracker.debian.org/tracker/CVE-2014-8544 >>> [6] https://security-tracker.debian.org/tracker/CVE-2014-8546 >>> [10] https://security-tracker.debian.org/tracker/CVE-2014-9316 >>> [11] https://security-tracker.debian.org/tracker/CVE-2014-9318 >>> [12] https://security-tracker.debian.org/tracker/CVE-2014-9319 >> >> I'm cloning this bug report to keep track of the unfixed CVEs. > > It seems to me that non of the above five entries have neither > publicly accessible samples nor any public discussion on neither > oss-sec nor fulldisc. It remains unclear whether or not they affect > libav at all. > > While I agree that these issues should be investigated in more detail, > the lack of instructions how to confirm and reproduce the issue makes > working on this bug unreasonably hard. I'm therefore downgrading the > severity of this issue to the non-RC severity "important"; this bug > does not seem release critical to me at all. Probably asking FFmpeg upstream would help, maybe Libav upstream also have been notified about the details.
Cheers, Balint -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
