First Last Prev Next    This bug is not in your last search results.
Bug 1015941 - (CVE-2016-9957) VUL-0: CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961: libgme: Arbitrary code execution via malformed SPC music file
(CVE-2016-9957)
VUL-0: CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
CVSSv2:SUSE:CVE-2016-9959:5.1:(AV:N/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-16 08:59 UTC by Mikhail Kasimov
Modified: 2017-06-15 20:08 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Proposed patch by the researcher (1.47 KB, patch)
2016-12-16 09:21 UTC, Johannes Segitz 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2016-12-16 08:59:36 UTC 
References:[1] http://seclists.org/oss-sec/2016/q4/682
=========================================================

[1]: Hi

As reported by Chris Evans via

http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html

Incorrect emulation of the SPC700 audio co-processor of the Super
Nintendo Entertainment System allows the execution of arbitrary code
if a malformed SPC music file is opened.

Debian released a DSA for this issue (in the qemu-music-emu source
package):

https://lists.debian.org/debian-security-announce/2016/msg00318.html

Could you please assign a CVE for this issue.

Regards,
Salvatore
=========================================================

[2] Vuln Description with Patch: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html

Assigned CVEs:

[3] http://seclists.org/oss-sec/2016/q4/692

CVE-2016-9958
CVE-2016-9959
CVE-2016-9960
CVE-2016-9961
Comment 1 Johannes Segitz 2016-12-16 09:21:45 UTC 
Created attachment 706714 [details]
Proposed patch by the researcher
Comment 3 Swamp Workflow Management 2016-12-16 23:00:29 UTC 
bugbot adjusting priority
Comment 4 Swamp Workflow Management 2016-12-22 19:07:33 UTC 
SUSE-SU-2016:3250-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1015941
CVE References: CVE-2016-9957,CVE-2016-9958,CVE-2016-9959,CVE-2016-9960,CVE-2016-9961
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Server 12-SP2 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Server 12-SP1 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    libgme-0.6.0-5.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    libgme-0.6.0-5.1
Comment 5 Swamp Workflow Management 2017-01-04 17:07:44 UTC 
openSUSE-SU-2017:0022-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1015941
CVE References: CVE-2016-9957,CVE-2016-9958,CVE-2016-9959,CVE-2016-9960,CVE-2016-9961
Sources used:
openSUSE Leap 42.2 (src):    libgme-0.6.0-8.1
openSUSE Leap 42.1 (src):    libgme-0.6.0-7.1
Comment 6 Marcus Meissner 2017-06-15 20:08:01 UTC 
released
First Last Prev Next    This bug is not in your last search results.