ASA-201803-21 generated external raw

[ASA-201803-21] lib32-libvorbis: multiple issues
Arch Linux Security Advisory ASA-201803-21 ========================================== Severity: Critical Date : 2018-03-19 CVE-ID : CVE-2017-14632 CVE-2017-14633 CVE-2018-5146 Package : lib32-libvorbis Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-658 Summary ======= The package lib32-libvorbis before version 1.3.6-1 is vulnerable to multiple issues including arbitrary code execution and denial of service. Resolution ========== Upgrade to 1.3.6-1. # pacman -Syu "lib32-libvorbis>=1.3.6-1" The problems have been fixed upstream in version 1.3.6. Workaround ========== None. Description =========== - CVE-2017-14632 (arbitrary code execution) fXiph.Org libvorbis before 1.3.6 allows remote code execution upon freeing uninitialized memory in the function vorbis_analysis_headerout() in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184. - CVE-2017-14633 (denial of service) In Xiph.Org libvorbis before 1.3.6, an out-of-bounds array read vulnerability exists in the function mapping0_forward() in mapping0.c, which may lead to DoS when operating on a crafted audio file with vorbis_analysis(). - CVE-2018-5146 (arbitrary code execution) An out of bounds memory write vulnerability has been discovered in libvorbis before 1.3.6 while processing Vorbis audio data related to codebooks that are not an exact divisor of the partition size. Impact ====== A remote attacker is able to execute arbitrary code or crash the application by tricking the user into playing a specially crafted vorbis file. References ========== https://github.com/xiph/vorbis/commit/c1c2831fc7306d5fbd7bc800324efd12b28d327f https://github.com/xiph/vorbis/commit/a79ec216cd119069c68b8f3542c6a425a74ab993 https://github.com/xiph/vorbis/commit/667ceb4aab60c1f74060143bb24e5f427b3cce5f http://seclists.org/oss-sec/2018/q1/243 https://security.archlinux.org/CVE-2017-14632 https://security.archlinux.org/CVE-2017-14633 https://security.archlinux.org/CVE-2018-5146