Bug 1059913 - (CVE-2017-14246) VUL-0: CVE-2017-14246: libsndfile: out of bounds read in the function d2ulaw_array() in ulaw.c
(CVE-2017-14246)
VUL-0: CVE-2017-14246: libsndfile: out of bounds read in the function d2ulaw_...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Takashi Iwai
Security Team bot
https://smash.suse.de/issue/192300/
CVSSv2:SUSE:CVE-2017-14246:5.0:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-22 08:01 UTC by Alexander Bergmann
Modified: 2020-07-26 18:00 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-09-22 08:01:07 UTC
CVE-2017-14246

An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile
1.0.28 may lead to a remote DoS attack or information disclosure, related to
mishandling of the NAN and INFINITY floating-point values.

Upstream bug:
https://github.com/erikd/libsndfile/issues/317

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14246
Comment 1 Alexander Bergmann 2017-09-22 08:02:00 UTC
Reproducers and more details can be found in bsc#1059912.
Comment 2 Takashi Iwai 2017-09-22 08:06:46 UTC
I'll be on vacation, so please reassign to someone else.
Comment 4 Takashi Iwai 2017-12-19 15:54:37 UTC
The tentative fix was backported to multimedia:libs (TW), SUSE:SLE-12:Update and SUSE:SLE-11-SP1:Update.

It's not merged to upstream yet, but papers over the issues at least.
Comment 6 Swamp Workflow Management 2018-02-02 17:09:28 UTC
SUSE-SU-2018:0351-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1038856,1059911,1059912,1059913,1069874
CVE References: CVE-2017-14245,CVE-2017-14246,CVE-2017-14634,CVE-2017-16942
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    libsndfile-1.0.20-2.19.7.3
SUSE Linux Enterprise Server 11-SP4 (src):    libsndfile-1.0.20-2.19.7.3
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libsndfile-1.0.20-2.19.7.3
Comment 7 Swamp Workflow Management 2018-02-02 17:10:39 UTC
SUSE-SU-2018:0352-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043978,1059911,1059912,1059913,1069874
CVE References: CVE-2017-14245,CVE-2017-14246,CVE-2017-14634,CVE-2017-16942,CVE-2017-6892
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Server 12-SP3 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Server 12-SP2 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    libsndfile-1.0.25-36.7.2
SUSE Linux Enterprise Desktop 12-SP2 (src):    libsndfile-1.0.25-36.7.2
Comment 8 Swamp Workflow Management 2018-02-07 23:07:41 UTC
openSUSE-SU-2018:0388-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1043978,1059911,1059912,1059913,1069874
CVE References: CVE-2017-14245,CVE-2017-14246,CVE-2017-14634,CVE-2017-16942,CVE-2017-6892
Sources used:
openSUSE Leap 42.3 (src):    libsndfile-1.0.25-31.1, libsndfile-progs-1.0.25-31.1
Comment 9 Marcus Meissner 2018-02-08 05:57:49 UTC
released
Comment 11 Swamp Workflow Management 2018-11-23 14:30:23 UTC
This is an autogenerated message for OBS integration:
This bug (1059913) was mentioned in
https://build.opensuse.org/request/show/651387 Factory / libsndfile