AVG-76

Package gst-plugins-bad
Status Fixed
Severity High
Type multiple issues
Affected 1.10.0-1
Fixed 1.10.2-2
Current 1.14.1-2 [extra]
Ticket None
Created Sat Nov 19 23:07:51 2016
Issue Severity Remote Type Description
CVE-2016-9446 Low Yes Information disclosure
An information disclosure vulnerability has been discovered in the render canvas functionality of gst-plugins-bad due to the lack of initializing the...
CVE-2016-9445 High Yes Arbitrary code execution
The vmnc decoder in gst-plugins-bad of the gstreamer code base contains a width * height * depth integer overflow in the allocation of the render buffer...
Date Advisory Package Description
02 Jan 2017 ASA-201701-3 gst-plugins-bad multiple issues
References
http://www.openwall.com/lists/oss-security/2016/11/18/13
https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-risky-design-decisions-in.html
Notes
As of 1.10.1 (upstream) and 1.10.2-1 9445 and 9446 are fixed: https://gstreamer.freedesktop.org/releases/1.10/
I think we were never vulnerable to 9447: http://seclists.org/oss-sec/2016/q4/462