AVG-205 log

Package audiofile
Status Fixed
Severity High
Type multiple issues
Affected 0.3.6-3
Fixed 0.3.6-4
Current 0.3.6-9 [extra]
Ticket None
Created Mon Mar 13 21:12:32 2017
Issue Severity Remote Type Description
CVE-2017-6839 Medium No Denial of service
Integer overflow in sfconvert with the MSADPCM module.
CVE-2017-6838 Medium No Denial of service
Integer overflow with the sfconvert command.
CVE-2017-6837 Medium No Denial of service
Integer overflow triggering an assertion on the WAVE module using sfconvert.
CVE-2017-6836 High No Arbitrary command execution
audiofile: heap-based buffer overflow in Expand3To4Module::run (SimpleModule.h)
CVE-2017-6835 Low No Denial of service
Divide-by-zero triggers crash in BlockCodec::reset1 (BlockCodec.cpp)
CVE-2017-6834 High No Arbitrary code execution
Heap-based buffer overflow in ulaw2linear_buf (G711.cpp)
CVE-2017-6833 Low No Denial of service
Divide-by-zero triggers a crash  in BlockCodec::runPull (BlockCodec.cpp)
CVE-2017-6832 High No Arbitrary code execution
Heap-based buffer overflow in MSADPCM::decodeBlock (MSADPCM.cpp) that could lead to arbitrary code execution.
CVE-2017-6831 High No Arbitrary code execution
Heap-based buffer overflow in IMA::decodeBlockWAVE (IMA.cpp) that could lead to arbitrary code execution.
CVE-2017-6830 High No Arbitrary code execution
Heap-based buffer overflow in alaw2linear_buf that could lead to arbitrary code execution.
CVE-2017-6829 High No Arbitrary code execution
Global buffer overflow in decodesample (ima.cpp) that could lead to arbitrary code execution
CVE-2017-6828 High No Arbitrary code execution
Heap-based buffer overflow in readValue (filehandle.cpp) could lead to arbitrary code execution.
CVE-2017-6827 High No Arbitrary code execution
Heap-based buffer overflow in msdapcmInitializeCoefficients (msadcpcm.cpp) could lead to arbitrary code execution.
Date Advisory Package Type
14 Aug 2017 ASA-201708-9 audiofile multiple issues
References
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/