Bug 1141339 – VUL-1: CVE-2019-1010317: wavpack: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The at

Bug 1141339 - (CVE-2019-1010317) VUL-1: CVE-2019-1010317: wavpack: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The at

(CVE-2019-1010317)
Summary:	VUL-1: CVE-2019-1010317: wavpack: Use of Uninitialized Variable. The impact i...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/236993/
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-07-12 15:45 UTC by Marcus Meissner
Modified:	2019-11-15 07:00 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
uninit-caff.wav (35 bytes, audio/wav) 2019-07-12 15:47 UTC, Marcus Meissner	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2019-07-12 15:45:14 UTC

CVE-2019-1010317

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized
Variable. The impact is: Unexpected control flow, crashes, and segfaults. The
component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is:
Maliciously crafted .wav file. The fixed version is: After commit
https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010317
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010317.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010317
https://github.com/dbry/WavPack/issues/66
https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b

Comment 1 Marcus Meissner 2019-07-12 15:47:26 UTC

Created attachment 810339 [details]
uninit-caff.wav

QA REPRODUCER:

valgrind wavpack uninit-caff.wav

should not report uninit memory

Comment 2 Marcus Meissner 2019-07-12 15:47:43 UTC

code seems not in SLE15 or older. so probably just factory.

Comment 3 Tomáš Chvátal 2019-08-14 10:13:32 UTC

Update sent to TW.

Comment 4 Swamp Workflow Management 2019-08-14 10:50:20 UTC

This is an autogenerated message for OBS integration:
This bug (1141339) was mentioned in
https://build.opensuse.org/request/show/723265 Factory / wavpack

Comment 5 Marcus Meissner 2019-11-15 07:00:15 UTC

fixed