Date: Sun, 8 Dec 2013 13:03:08 -0500 (EST)
From: cve-assign@...re.org
To: michaelni@....at
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com,
        ffmpeg-security@...peg.org
Subject: Re: CVE Request: FFmpeg 2.1 multiple problems

> I'd like to request CVE(s) for FFmpeg 2.1, for the changes below:

We've looked at these 17 commits and did not find any situations in which there
was a shared root cause, or a conceptually similar type of error within the
different pieces of code. Accordingly, there are 17 separate CVE IDs. We do not
group issues based on impact.

> https://github.com/FFmpeg/FFmpeg/commit/29ffeef5e73b8f41ff3a3f2242d356759c66f91f
>     fixes a deadlock in h264 decoding
>     https://trac.ffmpeg.org/ticket/2927

Use CVE-2013-7008.


> https://github.com/FFmpeg/FFmpeg/commit/3819db745da2ac7fb3faacb116788c32f4753f34
>     Fixes out of array (on heap) writes in rpza decoding
>     https://trac.ffmpeg.org/ticket/2850

Use CVE-2013-7009.


> https://github.com/FFmpeg/FFmpeg/commit/454a11a1c9c686c78aa97954306fb63453299760
>     avcodec/dsputil: fix signedness in sizeof() comparisons leading
>     to integer overflow and out of array accesses

Use CVE-2013-7010.


> https://github.com/FFmpeg/FFmpeg/commit/547d690d676064069d44703a1917e0dab7e33445
>     Fixes out of array (on heap) writes in ffv1 decoding
>     https://trac.ffmpeg.org/ticket/2906
>     Found-by: ami_stuff

Use CVE-2013-7011.


> https://github.com/FFmpeg/FFmpeg/commit/780669ef7c23c00836a24921fcc6b03be2b8ca4a
>     Fixes out of array write in jpeg2000 decoding
>     https://trac.ffmpeg.org/ticket/3080
>     Found-by: ami_stuff

Use CVE-2013-7012.


> https://github.com/FFmpeg/FFmpeg/commit/821a5938d100458f4d09d634041b05c860554ce0
>     Fix order of align and pixel size multiplication.
>     Fixes out of array accesses in g2m4
>     https://trac.ffmpeg.org/ticket/2922
>     Found-by: ami_stuff

Use CVE-2013-7013.


> https://github.com/FFmpeg/FFmpeg/commit/86736f59d6a527d8bc807d09b93f971c0fe0bb07
>     avcodec/pngdsp: fix (un)signed type in end comparison
>     Fixes out of array writes in png decoding
>     https://trac.ffmpeg.org/ticket/2919
>     Found_by: ami_stuff

Use CVE-2013-7014.


> https://github.com/FFmpeg/FFmpeg/commit/880c73cd76109697447fbfbaa8e5ee5683309446
>     avcodec/flashsv: check diff_start/height
>     Fixes out of array accesses
>     https://trac.ffmpeg.org/ticket/2844
>     Found-by: ami_stuff

Use CVE-2013-7015.


> https://github.com/FFmpeg/FFmpeg/commit/8bb11c3ca77b52e05a9ed1496a65f8a76e6e2d8f
>     Check cdx/y values more carefully
>     Fixes out of array accesses in jpeg2000 decoding
>     https://trac.ffmpeg.org/ticket/2848
>     Found-by: Piotr Bandurski <ami_stuff@...pl>

Use CVE-2013-7016.


> https://github.com/FFmpeg/FFmpeg/commit/912ce9dd2080c5837285a471d750fa311e09b555
>     fix dereferencing invalid pointers in jpeg2000 decoding
>     Found-by: Laurent Butti <laurentb@...il.com>

Use CVE-2013-7017.


> https://github.com/FFmpeg/FFmpeg/commit/9a271a9368eaabf99e6c2046103acb33957e63b7
>     jpeg2000: check log2_cblk dimensions
>     Fixes out of array access
>     https://trac.ffmpeg.org/ticket/2895
>     Found-by: Piotr Bandurski <ami_stuff@...pl>

Use CVE-2013-7018.


> https://github.com/FFmpeg/FFmpeg/commit/a1b9004b768bef606ee98d417bceb9392ceb788d
>     avcodec/jpeg2000dec: fix context consistency with too large lowres
>     Fixes out of array accesses in jpeg2000 decoding
>     https://trac.ffmpeg.org/ticket/2898

Use CVE-2013-7019.


> https://github.com/FFmpeg/FFmpeg/commit/b05cd1ea7e45a836f7f6071a716c38bb30326e0f
>     ffv1dec: Check bits_per_raw_sample and colorspace for equality in ver 0/1 headers
>     prevents inconsistency and out of array write

Use CVE-2013-7020.


> https://github.com/FFmpeg/FFmpeg/commit/cdd5df8189ff1537f7abe8defe971f80602cc2d2
>     avfilter/vf_fps: make sure the fifo is not empty before using it
>     fixes double free in the fps filter
>     https://trac.ffmpeg.org/ticket/2905

Use CVE-2013-7021.


> https://github.com/FFmpeg/FFmpeg/commit/e07ac727c1cc9eed39e7f9117c97006f719864bd
>     fixes out of array access in g2m4
>     https://trac.ffmpeg.org/ticket/2971
>     Found-by: ami_stuff

Use CVE-2013-7022.


> https://github.com/FFmpeg/FFmpeg/commit/f31011e9abfb2ae75bb32bc44e2c34194c8dc40a
>     out of array write (on heap) in case of realloc failure
>     https://trac.ffmpeg.org/ticket/2982

Use CVE-2013-7023.


> https://github.com/FFmpeg/FFmpeg/commit/fe448cd28d674c3eff3072552eae366d0b659ce9
>     avcodec/jpeg2000dec: prevent out of array accesses in pixel addressing
>     https://trac.ffmpeg.org/ticket/2921

Use CVE-2013-7024.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
