First Last Prev Next    This bug is not in your last search results.
Bug 1063450 - (CVE-2017-15371) VUL-0: CVE-2017-15371: sox: reachable assertion abort in the function sox_append_comment() in formats.c
(CVE-2017-15371)
VUL-0: CVE-2017-15371: sox: reachable assertion abort in the function sox_app...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Pavol Rusnak
Security Team bot
https://smash.suse.de/issue/193376/
CVSSv3:SUSE:CVE-2017-15371:5.3:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-16 08:40 UTC by Alexander Bergmann
Modified: 2018-02-20 23:41 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
QA Reproducer (51.80 KB, application/octet-stream)
2017-10-16 08:41 UTC, Alexander Bergmann 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-10-16 08:40:14 UTC 
rh#1500570

There is a reachable assertion abort in the function sox_append_comment() in
formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial
of service attack during conversion of an audio file.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1500570
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15371
Comment 1 Alexander Bergmann 2017-10-16 08:41:44 UTC 
Created attachment 744485 [details]
QA Reproducer

#> valgrind sox 03-abort out.wav
...
==5438== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
Segmentation fault
Comment 2 Swamp Workflow Management 2018-02-15 11:20:10 UTC 
This is an autogenerated message for OBS integration:
This bug (1063450) was mentioned in
https://build.opensuse.org/request/show/576953 42.3 / sox
Comment 3 Karol Babioch 2018-02-15 15:51:08 UTC 
SLE 10 is not affected, sicne flac support was only added in 13.0.0. Fixed in Leap 42.3 and Factory.
Comment 4 Swamp Workflow Management 2018-02-20 17:10:07 UTC 
openSUSE-SU-2018:0489-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1063439,1063450,1063456,1064576,1081140,1081141,1081142,1081146
CVE References: CVE-2017-11332,CVE-2017-11358,CVE-2017-11359,CVE-2017-15370,CVE-2017-15371,CVE-2017-15372,CVE-2017-15642,CVE-2017-18189
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    sox-14.4.2-5.1
Comment 5 Swamp Workflow Management 2018-02-20 17:12:57 UTC 
openSUSE-SU-2018:0493-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1063439,1063450,1063456,1064576,1081140,1081141,1081142,1081146
CVE References: CVE-2017-11332,CVE-2017-11358,CVE-2017-11359,CVE-2017-15370,CVE-2017-15371,CVE-2017-15372,CVE-2017-15642,CVE-2017-18189
Sources used:
openSUSE Leap 42.3 (src):    sox-14.4.2-5.3.1
First Last Prev Next    This bug is not in your last search results.