Bug 1141339 - (CVE-2019-1010317) VUL-1: CVE-2019-1010317: wavpack: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The at
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Importance: P4 - Low : Minor
Assigned To: Security Team bot
URL: https://smash.suse.de/issue/236993/

Reported: 2019-07-12 15:45 UTC by Marcus Meissner
Modified: 2019-11-15 07:00 UTC
Found By: Security Response Team


Attachments
uninit-caff.wav (35 bytes, audio/wav)
2019-07-12 15:47 UTC, Marcus Meissner

Description Marcus Meissner 2019-07-12 15:45:14 UTC
CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized
Variable. The impact is: Unexpected control flow, crashes, and segfaults. The
component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is:
Maliciously crafted .wav file. The fixed version is: After commit
https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010317
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010317.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010317
https://github.com/dbry/WavPack/issues/66
https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b
Comment 1 Marcus Meissner 2019-07-12 15:47:26 UTC
Created attachment 810339
uninit-caff.wav

QA REPRODUCER:

valgrind wavpack uninit-caff.wav

should not report uninit memory
Comment 2 Marcus Meissner 2019-07-12 15:47:43 UTC
Code seems not in SLE15 or older, so probably just Factory.
Comment 3 Tomáš Chvátal 2019-08-14 10:13:32 UTC
Update sent to TW.
Comment 4 Swamp Workflow Management 2019-08-14 10:50:20 UTC
This is an autogenerated message for OBS integration:
This bug (1141339) was mentioned in
https://build.opensuse.org/request/show/723265 Factory / wavpack
Comment 5 Marcus Meissner 2019-11-15 07:00:15 UTC
fixed