Bug 1093701 - (CVE-2018-11224) VUL-1: CVE-2018-11224: libav: read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service
Status: RESOLVED INVALID
Classification: openSUSE
Product: openSUSE Distribution
Component: Security
Version: Leap 15.0
Hardware: Other Other
Importance: P4 - Low : Normal
Assigned To: Antonio Larrosa
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/205946/
Reported: 2018-05-17 12:48 UTC by Karol Babioch
Modified: 2018-05-22 16:32 UTC
Found By: Security Response Team
Description Karol Babioch 2018-05-17 12:48:02 UTC
CVE-2018-11224

An issue was discovered in Libav 12.3. A read access violation in the
in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause
a denial of service (application crash), as demonstrated by avconv.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11224
https://docs.google.com/document/d/16_HC-FjFuBNMbaoR397z_3EwpDP6wb1DNWrfkD4qRDE/edit
https://bugzilla.libav.org/show_bug.cgi?id=1129
Comment 1 Antonio Larrosa 2018-05-22 16:32:41 UTC
Before the %build section is executed in the libav.spec file, the %prep section does:

rm -Rf libavcodec libavdevice libavfilter libavformat libavresample libavutil libswscale

We use ffmpeg's libavcodec library, provided by ffmpeg, just to build avconv from the libav sources. Since we don't use libav's libavcodec, I'll mark this as INVALID.

Please resubmit/reassign the bug to ffmpeg if you think it applies there.
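
The triage step in Comment 1 can be automated: check whether the source file named in a CVE is deleted in the spec's %prep section before anything is compiled. The following is an added example and is not part of the bug report or the package; the spec excerpt is constructed around the rm line quoted above, and the function names are hypothetical.

```python
import shlex
from pathlib import PurePosixPath

# Constructed spec excerpt; only the rm line is quoted from the comment above.
SAMPLE_SPEC = """\
Name:           libav
%prep
%setup -q
rm -Rf libavcodec libavdevice libavfilter libavformat libavresample libavutil libswscale

%build
%configure
make %{?_smp_mflags}
"""

# Spec section headers; anything else starting with % (e.g. %setup) is a macro.
SECTIONS = {"%description", "%package", "%prep", "%build", "%install",
            "%check", "%files", "%changelog", "%pre", "%post",
            "%preun", "%postun"}

def removed_in_prep(spec_text):
    """Return literal paths deleted by rm commands inside %prep."""
    removed, in_prep = set(), False
    for line in spec_text.splitlines():
        words = line.split()
        if not words:
            continue
        if words[0] in SECTIONS:
            in_prep = words[0] == "%prep"
        elif in_prep and words[0] == "rm":
            for arg in shlex.split(line, comments=True)[1:]:
                # Skip options and anything needing macro or glob expansion.
                if arg.startswith("-") or any(c in arg for c in "%$*?"):
                    continue
                removed.add(PurePosixPath(arg))
    return removed

def source_is_stripped(spec_text, affected_path):
    """True if affected_path is, or lies under, a path removed in %prep."""
    path = PurePosixPath(affected_path)
    removed = removed_in_prep(spec_text)
    return path in removed or any(parent in removed for parent in path.parents)

if __name__ == "__main__":
    # Path taken from the CVE description in this report.
    print(source_is_stripped(SAMPLE_SPEC, "libavcodec/aacsbr.c"))
```

A True result only shows that the package's own copy of the file is never built; the code that is linked in its place (here, ffmpeg's libavcodec) still has to be assessed against the CVE separately.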