Bug 1013653 – VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder

Bug 1013653 - (CVE-2016-9808) VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder

(CVE-2016-9808)
Summary:	VUL-0: CVE-2016-9808: gstreamer-plugins-good: still a bug in flic decoder

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assigned To:	Michael Gorse
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/177107/
Whiteboard:	CVSSv2:SUSE:CVE-2016-9808:8.3:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2016-12-05 12:49 UTC by Matthias Gerstner
Modified:	2017-07-11 15:18 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Gerstner 2016-12-05 12:49:43 UTC

Use CVE-2016-9808 for this Chris Evans discovery. (As far as we can
tell, this "second flic bug" exists because of an incomplete fix for
CVE-2016-9635.)

This issue is related to bug #1012103 (CVE-2016-9635)

A maliciously crafted flic file can still cause invalid memory accesses.

References:
https://scarybeastsecurity.blogspot.de/2016/11/0day-poc-incorrect-fix-for-gstreamer.html
http://seclists.org/oss-sec/2016/q4/589
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9808

Comment 1 Matthias Gerstner 2016-12-05 12:52:06 UTC

QA reproducer: Playing the following media file:

https://security.appspot.com/security/flic/crash_delta_fli_2.flx

will crash with a segmentation fault. Verified using SLE-12-SP2 using:

gst-play-1.0 crash_delta_fli_2.flx

The flic decoder code in question is contained in both code streams SLE-12:Update and SLE-12-SP2:Update.

Comment 2 Swamp Workflow Management 2016-12-05 23:00:49 UTC

bugbot adjusting priority

Comment 5 Swamp Workflow Management 2016-12-29 12:09:23 UTC

SUSE-SU-2016:3288-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
SUSE Linux Enterprise Server 12-SP1 (src):    gstreamer-plugins-good-1.2.4-2.3.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    gstreamer-plugins-good-1.2.4-2.3.1

Comment 6 Swamp Workflow Management 2016-12-30 17:08:51 UTC

SUSE-SU-2016:3303-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    gstreamer-plugins-good-1.8.3-9.1
SUSE Linux Enterprise Server 12-SP2 (src):    gstreamer-plugins-good-1.8.3-9.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    gstreamer-plugins-good-1.8.3-9.1

Comment 9 Bernhard Wiedemann 2017-01-06 19:00:50 UTC

This is an autogenerated message for OBS integration:
This bug (1013653) was mentioned in
https://build.opensuse.org/request/show/449006 42.1 / gstreamer-plugins-good

Comment 11 Bernhard Wiedemann 2017-01-06 23:01:05 UTC

This is an autogenerated message for OBS integration:
This bug (1013653) was mentioned in
https://build.opensuse.org/request/show/449025 13.2 / gstreamer-plugins-good
https://build.opensuse.org/request/show/449028 13.2 / gstreamer-0_10-plugins-good

Comment 12 Swamp Workflow Management 2017-01-08 00:15:31 UTC

openSUSE-SU-2017:0071-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE Leap 42.2 (src):    gstreamer-plugins-good-1.8.3-3.1

Comment 14 Swamp Workflow Management 2017-01-11 18:08:38 UTC

SUSE-RU-2017:0106-1: An update that has two recommended fixes can now be installed.

Category: recommended (important)
Bug References: 1013653,1013655
CVE References: 
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    gstreamer-plugins-good-1.2.4-2.6.1
SUSE Linux Enterprise Server 12-SP1 (src):    gstreamer-plugins-good-1.2.4-2.6.1
SUSE Linux Enterprise Server 12-LTSS (src):    gstreamer-plugins-good-1.2.4-2.6.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    gstreamer-plugins-good-1.2.4-2.6.1

Comment 15 Swamp Workflow Management 2017-01-16 18:11:17 UTC

openSUSE-SU-2017:0141-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE Leap 42.1 (src):    gstreamer-plugins-good-1.4.5-5.1

Comment 16 Swamp Workflow Management 2017-01-16 18:18:29 UTC

openSUSE-SU-2017:0151-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE 13.2 (src):    gstreamer-plugins-good-1.4.3-3.1

Comment 17 Swamp Workflow Management 2017-01-16 18:25:33 UTC

openSUSE-SU-2017:0160-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE 13.2 (src):    gstreamer-0_10-plugins-good-0.10.31-13.3.1

Comment 18 Bernhard Wiedemann 2017-01-18 15:01:08 UTC

This is an autogenerated message for OBS integration:
This bug (1013653) was mentioned in
https://build.opensuse.org/request/show/451210 42.1 / gstreamer-0_10-plugins-good

Comment 19 Swamp Workflow Management 2017-01-19 20:10:45 UTC

SUSE-SU-2017:0210-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    gstreamer-0_10-plugins-good-0.10.31-16.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    gstreamer-0_10-plugins-good-0.10.31-16.1

Comment 20 Swamp Workflow Management 2017-01-20 16:09:34 UTC

SUSE-SU-2017:0225-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src):    gstreamer-0_10-plugins-good-0.10.30-5.14.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    gstreamer-0_10-plugins-good-0.10.30-5.14.1

Comment 21 Swamp Workflow Management 2017-01-20 17:10:37 UTC

SUSE-SU-2017:0237-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    gstreamer-0_10-plugins-good-0.10.31-13.3.3
SUSE Linux Enterprise Desktop 12-SP1 (src):    gstreamer-0_10-plugins-good-0.10.31-13.3.3

Comment 22 Swamp Workflow Management 2017-01-27 16:11:31 UTC

openSUSE-SU-2017:0298-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE Leap 42.1 (src):    gstreamer-0_10-plugins-good-0.10.31-16.1

Comment 23 Bernhard Wiedemann 2017-03-06 21:01:52 UTC

This is an autogenerated message for OBS integration:
This bug (1013653) was mentioned in
https://build.opensuse.org/request/show/477344 42.2 / gstreamer-0_10-plugins-good

Comment 24 Swamp Workflow Management 2017-03-29 16:10:20 UTC

openSUSE-SU-2017:0847-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1012102,1012103,1012104,1013653,1013655,1013663
CVE References: CVE-2016-9634,CVE-2016-9635,CVE-2016-9636,CVE-2016-9807,CVE-2016-9808,CVE-2016-9810
Sources used:
openSUSE Leap 42.2 (src):    gstreamer-0_10-plugins-good-0.10.31-17.3.1

Comment 25 Johannes Segitz 2017-07-11 15:18:39 UTC

fixed