oss-sec mailing list archives
lame: multiple vulnerabilities
From: Agostino Sarubbo <ago () gentoo org>
Date: Wed, 28 Jun 2017 14:03:16 +0200
Hello all. I discovered some crashes (which will follow one-by-one) in lame. Lame was fuzzed in the past by someone else so I take the opportunity during the CVE request to insert also some past bugs. 1) Invalid read - CVE-2015-9099 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775959 2) Null pointer dereference - CVE-2015-9100 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777160 3) Invalid read - CVE-2015-9100 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777161 However, mitre decided that the bug N°3, CVE-2015-9100, can share the same CVE ID of https://blogs.gentoo.org/ago/2017/06/17/lame-heap-based-buffer-overflow-in-fill_buffer_resample-util-c/ At this point, I'd like to mention that mitre won't assign anymore CVE IDs for issues related to the Undefined Behavior Sanitizer, unless there are informations about the exploitability. http://common-vulnerabilities-and-exposures-cve-board.1128451.n5.nabble.com/Current-standards-criteria-for-Undefined-Behavior-td730.html#a768 The CVE IDs assigned in the past for the undefined behavior issues remain valid. I will share anyway my findings about the undefined behavior issues. They include, for completeness, some bugs that regard the frontend. You can ignore them. -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- lame: multiple vulnerabilities Agostino Sarubbo (Jun 28)
- Re: lame: multiple vulnerabilities Dr. Thomas Orgis (Jun 28)
- Re: lame: multiple vulnerabilities Hanno Böck (Jun 28)
- Re: lame: multiple vulnerabilities Agostino Sarubbo (Jun 28)
- Re: lame: multiple vulnerabilities Hanno Böck (Jun 28)
- Re: lame: multiple vulnerabilities Dr. Thomas Orgis (Jun 28)