[CVE] flac: Fix heap write overflow on frame format change

Bug #1709420 reported by Simon Quigley
Affects        Status         Importance   Assigned to     Milestone
vlc (Ubuntu)   Fix Released   Medium       Unassigned
Trusty         Fix Released   Undecided    Simon Quigley
Xenial         Fix Released   Undecided    Simon Quigley
Zesty          Fix Released   Undecided    Simon Quigley

Bug Description

plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows
remote attackers to cause a denial of service (heap corruption and
application crash) or possibly have unspecified other impact via a crafted
FLAC file.

This is tracked in CVE-2017-9300.

Simon Quigley (tsimonq2)
information type: Public → Public Security
Leonidas S. Barbosa (leosilvab) wrote :
Changed in vlc (Ubuntu):
status: New → Confirmed
Changed in vlc (Ubuntu):
importance: Undecided → Medium
Simon Quigley (tsimonq2)
Changed in vlc (Ubuntu):
assignee: nobody → Simon Quigley (tsimonq2)
Simon Quigley (tsimonq2)
Changed in vlc (Ubuntu Zesty):
status: New → In Progress
Changed in vlc (Ubuntu Xenial):
status: New → In Progress
Changed in vlc (Ubuntu Trusty):
status: New → In Progress
Changed in vlc (Ubuntu):
status: Confirmed → Fix Released
assignee: Simon Quigley (tsimonq2) → nobody
Changed in vlc (Ubuntu Trusty):
assignee: nobody → Simon Quigley (tsimonq2)
Changed in vlc (Ubuntu Xenial):
assignee: nobody → Simon Quigley (tsimonq2)
Changed in vlc (Ubuntu Zesty):
assignee: nobody → Simon Quigley (tsimonq2)
Simon Quigley (tsimonq2) wrote :

Attached is a debdiff for Zesty applicable to 2.2.4-14ubuntu2.1. I have tested this on a fresh Lubuntu 17.04 install and it works fine.

summary: - flac: Fix heap write overflow on frame format change
+ [CVE] flac: Fix heap write overflow on frame format change
Simon Quigley (tsimonq2) wrote :

Attached is a debdiff for Xenial applicable to 2.2.2-5ubuntu0.16.04.3. I have tested this on a fresh Lubuntu 16.04 LTS install and it works fine.

Simon Quigley (tsimonq2) wrote :

Attached is a debdiff for Trusty applicable to 2.1.6-0ubuntu14.04.3. I have tested this on a fresh Lubuntu 14.04 LTS install and it works fine.

Marc Deslauriers (mdeslaur) wrote :

ACK on the debdiffs, I've uploaded them for building as a security update with a couple of minor changes:

- added upstream commit to patch
- changed unofficial url shortener link to launchpad bug link

Thanks!

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.2.2-5ubuntu0.16.04.4

---------------
vlc (2.2.2-5ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
    (LP: #1709420)
    - fix-CVE-2017-9300.patch
    - CVE-2017-9300

 -- Simon Quigley <email address hidden> Tue, 08 Aug 2017 13:59:52 -0500

Changed in vlc (Ubuntu Xenial):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.2.4-14ubuntu2.2

---------------
vlc (2.2.4-14ubuntu2.2) zesty-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
    (LP: #1709420)
    - fix-CVE-2017-9300.patch
    - CVE-2017-9300

 -- Simon Quigley <email address hidden> Tue, 08 Aug 2017 13:41:33 -0500

Changed in vlc (Ubuntu Zesty):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 2.1.6-0ubuntu14.04.4

---------------
vlc (2.1.6-0ubuntu14.04.4) trusty-security; urgency=medium

  * SECURITY UPDATE: flac: Fix heap write overflow on frame format change
    (LP: #1709420)
    - fix-CVE-2017-9300.patch
    - CVE-2017-9300

 -- Simon Quigley <email address hidden> Tue, 08 Aug 2017 14:15:04 -0500

Changed in vlc (Ubuntu Trusty):
status: In Progress → Fix Released