[Buildroot] [PATCH 1/5] audiofile: add security patch for CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837

Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed

From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH 1/5] audiofile: add security patch for CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
Date: Fri, 31 Mar 2017 13:37:05 +0200	[thread overview]
Message-ID: <87mvc1vfry.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20170330210335.16858-1-peter@korsgaard.com> (Peter Korsgaard's message of "Thu, 30 Mar 2017 23:03:31 +0200")

>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

 > CVE-2017-6827: A heap-based buffer overflow in the
 > MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka
 > libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have
 > unspecified impact via a crafted audio file.

 > https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
 > https://github.com/mpruett/audiofile/issues/32

 > CVE-2017-6828: A Heap-based buffer overflow in the readValue function in
 > FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6
 > allows remote attackers to have unspecified impact via a crafted WAV file.

 > https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
 > https://github.com/mpruett/audiofile/issues/31

 > CVE-2017-6832: A Heap-based buffer overflow in the decodeBlock in
 > MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote
 > attackers to cause a denial of service (crash) via a crafted file.

 > https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp
 > https://github.com/mpruett/audiofile/issues/36

 > CVE-2017-6833: The runPull function in libaudiofile/modules/BlockCodec.cpp
 > in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause
 > a denial of service (divide-by-zero error and crash) via a crafted file.

 > https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp
 > https://github.com/mpruett/audiofile/issues/37

 > CVE-2017-6835: The reset1 function in libaudiofile/modules/BlockCodec.cpp in
 > Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a
 > denial of service (divide-by-zero error and crash) via a crafted file.

 > https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp
 > https://github.com/mpruett/audiofile/issues/39

 > CVE-2017-6837: WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows
 > remote attackers to cause a denial of service (crash) via vectors related to
 > a large number of coefficients.

 > http://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
 > https://github.com/mpruett/audiofile/issues/41

 > Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Committed all 5, thanks.

-- 
Bye, Peter Korsgaard

next prev parent reply	other threads:[~2017-03-31 11:37 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-30 21:03 [Buildroot] [PATCH 1/5] audiofile: add security patch for CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837 Peter Korsgaard
2017-03-30 21:03 ` [Buildroot] [PATCH 2/5] audiofile: add security patch for CVE-2017-6829 Peter Korsgaard
2017-03-30 21:03 ` [Buildroot] [PATCH 3/5] audiofile: add security patch for CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838 Peter Korsgaard
2017-03-30 21:03 ` [Buildroot] [PATCH 4/5] audiofile: add security patch for CVE-2017-6831 Peter Korsgaard
2017-03-30 21:03 ` [Buildroot] [PATCH 5/5] audiofile: add security patch for CVE-2017-6839 Peter Korsgaard
2017-03-31 11:37 ` Peter Korsgaard [this message]
2017-04-03  8:32 ` [Buildroot] [PATCH 1/5] audiofile: add security patch for CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837 Peter Korsgaard

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87mvc1vfry.fsf@dell.be.48ers.dk \
    --to=peter@korsgaard.com \
    --cc=buildroot@busybox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox