SB2017020314 - Arch Linux update for gst-plugins-base-libs

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Division by zero (CVE-ID: CVE-2017-5837)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted video file.

2) Uncontrolled Recursion (CVE-ID: CVE-2017-5839)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 does not properly limit recursion, which allows remote attackers to cause a denial of service (stack overflow and crash) via vectors involving nested WAVEFORMATEX.

3) Out-of-bounds write (CVE-ID: CVE-2017-5842)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The html_context_handle_element function in gst/subparse/samiparse.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted SMI file, as demonstrated by OneNote_Manager.smi.

4) Division by zero (CVE-ID: CVE-2017-5844)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

The gst_riff_create_audio_caps function in gst-libs/gst/riff/riff-media.c in gst-plugins-base in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (floating point exception and crash) via a crafted ASF file.

Remediation

Install update from vendor's website.

References

• https://security.archlinux.org/advisory/ASA-201702-4