OpenSUSE Linux update for ffmpeg-4



Published: 2018-09-15
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2018-13300
CVE-2018-15822
CWE-ID CWE-125
CWE-617
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		SUSE Package Hub for SUSE Linux Enterprise
Universal components / Libraries / Libraries used by multiple products

Vendor SUSE

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU14018

Risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-13300

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c. A remote attacker can supply specially crafted AVI file to MPEG4, trick the victim into converting it, trigger out-of-bounds read and cause the service to crash or possibly access arbitrary data

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Package Hub for SUSE Linux Enterprise: 12

External links

http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00032.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Assertion failure

EUVDB-ID: #VU14532

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15822

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient checks for an empty audio packet by the flv_write_packet function, as defined in the libavformat/flvenc.c source code file. A local attacker can access the system and execute a specially crafted application that submits malicious input to trigger an assertion failure and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

SUSE Package Hub for SUSE Linux Enterprise: 12

External links

http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00032.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###