SB2017050929 - Gentoo update for libav

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017050929

SB2017050929 - Gentoo update for libav

Published: May 9, 2017 Updated: June 28, 2025

Security Bulletin ID SB2017050929
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Medium 33% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2015-3395)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.


2) Input validation error (CVE-ID: CVE-2015-3417)

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.


3) Information disclosure (CVE-ID: CVE-2016-1897)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.


4) Information disclosure (CVE-ID: CVE-2016-1898)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.


5) Integer overflow (CVE-ID: CVE-2016-2326)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.


6) Buffer overflow (CVE-ID: CVE-2016-3062)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.


Remediation

Install update from vendor's website.

References