Gentoo update for libav
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2015-3395 CVE-2015-3417 CVE-2016-1897 CVE-2016-1898 CVE-2016-2326 CVE-2016-3062 |
| CWE-ID | CWE-119 CWE-20 CWE-200 CWE-190 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Gentoo Linux Operating systems & Components / Operating system media-video/libav Operating systems & Components / Operating system package or component |
| Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU110590
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3395
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU40808
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2015-3417
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU32353
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-1897
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to gain access to sensitive information.
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU32354
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-1898
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to gain access to sensitive information.
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Integer overflow
EUVDB-ID: #VU110570
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-2326
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU110568
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2016-3062
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
MitigationUpdate the affected packages.
media-video/libav to version: 11.8
Gentoo Linux: All versions
media-video/libav: before 11.8
CPE2.3- cpe:2.3:o:gentoo:gentoo_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:gentoo:media-video_libav:*:*:*:*:*:gentoo_linux:*:*
https://security.gentoo.org/glsa/201705-08
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
