Bugzilla – Bug 1003017
VUL-0: CVE-2016-5407: xorg-x11-libXv, libXv: Insufficient validation causes out-of-bounds memory access and memory corruption
Last modified: 2017-10-26 05:46:37 UTC
Insufficient validation of data from the X server can cause out-of-bounds memory access and memory corruption.

Affected versions: libXv <= 1.0.10

CVE-2016-5407

Upstream fix: https://cgit.freedesktop.org/xorg/lib/libXv/commit/?id=d9da580b46a28ab497de2e94fdc7b9ff953dab17

Mitre hinted that additional information might be available at https://access.redhat.com/security/cve/cve-2016-5407 in the next days.

References:
https://access.redhat.com/security/cve/cve-2016-5407
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5407
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5407.html
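The bug class named above (a client library trusting sizes and counts that arrive in a reply from the X server) is shown below as an added illustration. This is example code written for this page, not libXv code and not the upstream fix; the wire format, struct names and helper functions are all assumptions modelled loosely on the X11 pattern of a reply header whose length is given in 4-byte units followed by variable-length records. The sample replies are constructed in the block itself.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire format (an assumption for this example, not the real Xv
 * protocol): a header whose 'length' is the payload size in 4-byte units,
 * followed by 'count' records of { name_len, name padded to 4, value }. */
struct reply_hdr { uint32_t length; uint32_t count; };
struct record    { char name[32]; uint32_t value; };

static uint32_t pad4(uint32_t n) { return (n + 3u) & ~3u; }

/* Vulnerable pattern: the record count and every name_len come straight from
 * the server and are never compared against buflen, so a hostile server can
 * walk this parser past the bytes actually received. Only safe on
 * well-formed input, which is exactly what a client library must not assume. */
static int parse_unchecked(const uint8_t *buf, size_t buflen,
                           struct record *out, size_t max_out)
{
    struct reply_hdr hdr;
    size_t off = sizeof hdr;
    (void)buflen;                        /* never consulted: this is the bug */
    memcpy(&hdr, buf, sizeof hdr);
    for (uint32_t i = 0; i < hdr.count && i < max_out; i++) {
        uint32_t name_len;
        memcpy(&name_len, buf + off, 4);
        off += 4;
        size_t n = name_len < sizeof out[i].name - 1 ? name_len : sizeof out[i].name - 1;
        memcpy(out[i].name, buf + off, n);   /* source offset is server-chosen */
        out[i].name[n] = '\0';
        off += pad4(name_len);               /* unbounded stride */
        memcpy(&out[i].value, buf + off, 4);
        off += 4;
    }
    return hdr.count < max_out ? (int)hdr.count : (int)max_out;
}

/* Hardened pattern: every server-supplied size is checked against the bytes
 * actually received before it becomes an offset, copy length or loop bound,
 * and the multiply on 'length' is guarded against overflow. */
static int parse_checked(const uint8_t *buf, size_t buflen,
                         struct record *out, size_t max_out)
{
    struct reply_hdr hdr;
    if (buflen < sizeof hdr) return -1;
    memcpy(&hdr, buf, sizeof hdr);
    if (hdr.length > UINT32_MAX / 4) return -1;
    size_t payload = (size_t)hdr.length * 4;
    if (payload != buflen - sizeof hdr) return -1;  /* advertised != received */
    if (hdr.count > payload / 8) return -1;         /* each record is >= 8 bytes */
    if (hdr.count > max_out) return -1;
    size_t off = sizeof hdr;
    for (uint32_t i = 0; i < hdr.count; i++) {
        uint32_t name_len;
        if (buflen - off < 4) return -1;
        memcpy(&name_len, buf + off, 4);
        off += 4;
        if (name_len >= sizeof out[i].name) return -1;      /* cannot fit: reject */
        if (buflen - off < pad4(name_len) + 4) return -1;   /* record exceeds data */
        memcpy(out[i].name, buf + off, name_len);
        out[i].name[name_len] = '\0';
        off += pad4(name_len);
        memcpy(&out[i].value, buf + off, 4);
        off += 4;
    }
    return (int)hdr.count;
}

/* Builds a constructed reply; 'count_field' is what the header claims, 'n' is
 * how many records are really present (they differ in the hostile case). */
static size_t build_reply(uint8_t *buf, size_t cap, uint32_t count_field,
                          const char *const *names, const uint32_t *values, size_t n)
{
    size_t off = sizeof(struct reply_hdr);
    if (cap < off) return 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t len = (uint32_t)strlen(names[i]);
        if (off + 4 + pad4(len) + 4 > cap) return 0;
        memcpy(buf + off, &len, 4);           off += 4;
        memset(buf + off, 0, pad4(len));
        memcpy(buf + off, names[i], len);     off += pad4(len);
        memcpy(buf + off, &values[i], 4);     off += 4;
    }
    struct reply_hdr hdr = { (uint32_t)((off - sizeof(struct reply_hdr)) / 4), count_field };
    memcpy(buf, &hdr, sizeof hdr);
    return off;
}

/* Constructed sample data (hypothetical attribute names and values). */
static const char *const NAMES[] = { "BRIGHTNESS", "CONTRAST" };
static const uint32_t VALUES[]   = { 10, 20 };

/* Well-formed reply: both parsers agree and return 2. */
int demo_good_reply(void)
{
    uint8_t buf[128]; struct record a[4], b[4];
    size_t n = build_reply(buf, sizeof buf, 2, NAMES, VALUES, 2);
    int ka = parse_checked(buf, n, a, 4), kb = parse_unchecked(buf, n, b, 4);
    if (ka != 2 || kb != 2) return -1;
    if (strcmp(a[0].name, "BRIGHTNESS") || a[0].value != 10) return -2;
    if (strcmp(a[1].name, "CONTRAST") || a[1].value != 20) return -3;
    return ka;
}

/* Hostile header: claims 1000 records, two are present. Checked parser
 * returns -1; the unchecked one would keep reading past the received data. */
int demo_bad_count(void)
{
    uint8_t buf[128]; struct record r[4];
    size_t n = build_reply(buf, sizeof buf, 1000, NAMES, VALUES, 2);
    return parse_checked(buf, n, r, 4);
}

/* Hostile record: count is consistent but name_len is 0x7fffffff. */
int demo_bad_namelen(void)
{
    uint8_t buf[16]; struct record r[4];
    struct reply_hdr hdr = { 2, 1 };          /* 8-byte payload, one record */
    uint32_t name_len = 0x7fffffffu, junk = 0;
    memcpy(buf, &hdr, 8); memcpy(buf + 8, &name_len, 4); memcpy(buf + 12, &junk, 4);
    return parse_checked(buf, sizeof buf, r, 4);
}

int main(void)
{
    printf("good reply: %d records\n", demo_good_reply());
    printf("bad count rejected: %d\n", demo_bad_count());
    printf("bad name_len rejected: %d\n", demo_bad_namelen());
    return 0;
}
```

The unchecked parser is deliberately only run on the well-formed reply; on either hostile reply it would read beyond the received bytes, which is the out-of-bounds access the report describes. The checks that matter are the three up front (advertised length equals received length, count bounded by the smallest possible record size, multiply guarded) plus a per-record check before each offset advance.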
Fix submit-requested for SUSE:SLE-12-SP2:GA (also covers Leap 42.2).
bugbot adjusting priority
SUSE-SU-2016:2505-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953

Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
SUSE Linux Enterprise Server 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
SUSE Linux Enterprise Desktop 12-SP1 (src): libX11-1.6.2-6.2, libXfixes-5.0.1-5.2, libXi-1.7.4-12.2, libXrandr-1.4.2-5.2, libXrender-0.9.8-5.2, libXtst-1.2.2-5.2, libXv-1.0.10-5.2, libXvMC-1.0.8-5.2
openSUSE-SU-2016:2600-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953

Sources used:
openSUSE Leap 42.1 (src): libX11-1.6.3-6.1, libXfixes-5.0.1-7.1, libXi-1.7.5-3.1, libXrandr-1.5.0-3.1, libXrender-0.9.9-3.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.9-3.1
Still tracking SLE 11 xorg-x11-libXv as affected.
(In reply to Andreas Stieger from comment #6) > Still tracking SLE 11 xorg-x11-libXv as affected. Of course. I stopped working on this sec. update a long time ago.
SUSE-SU-2016:2828-1: An update that fixes 12 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1002991,1002995,1002998,1003000,1003002,1003012,1003017,1003023
CVE References: CVE-2016-5407,CVE-2016-7942,CVE-2016-7944,CVE-2016-7945,CVE-2016-7946,CVE-2016-7947,CVE-2016-7948,CVE-2016-7949,CVE-2016-7950,CVE-2016-7951,CVE-2016-7952,CVE-2016-7953

Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Server 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
SUSE Linux Enterprise Desktop 12-SP2 (src): libX11-1.6.2-8.1, libXfixes-5.0.1-7.1, libXi-1.7.4-14.1, libXrender-0.9.8-7.1, libXtst-1.2.2-7.1, libXv-1.0.10-7.1, libXvMC-1.0.8-7.1
https://lists.freedesktop.org/archives/xorg-devel/2016-October/051686.html
https://lists.freedesktop.org/archives/xorg-devel/2016-October/051687.html
https://lists.freedesktop.org/archives/xorg-devel/2016-October/051688.html

Will these help? That's what I found so far from upstream acknowledging the previously introduced memleaks.
Thanks. This is very useful. Now I can continue working on this. :-)
This is an autogenerated message for OBS integration: This bug (1003017) was mentioned in https://build.opensuse.org/request/show/441822 13.2 / libXv
sle10 also done. Reassigning to security team.
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-12-14. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63232
openSUSE-SU-2016:3033-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1003017
CVE References: CVE-2016-5407

Sources used:
openSUSE 13.2 (src): libXv-1.0.10-4.3.1
SUSE-SU-2016:3110-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1003017
CVE References: CVE-2016-5407

Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src): xorg-x11-libXv-7.4-1.20.1
SUSE Linux Enterprise Server 11-SP4 (src): xorg-x11-libXv-7.4-1.20.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src): xorg-x11-libXv-7.4-1.20.1
released