Bug 1034177 – VUL-0: CVE-2017-7865: ffmpeg: heap-based buffer overflow (ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c)

Bug 1034177 - (CVE-2017-7865) VUL-0: CVE-2017-7865: ffmpeg: heap-based buffer overflow (ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c)

(CVE-2017-7865)
Summary:	VUL-0: CVE-2017-7865: ffmpeg: heap-based buffer overflow (ipvideo_decode_bloc...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	unspecified
Assigned To:	Jan Engelhardt
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2017-04-14 11:14 UTC by Mikhail Kasimov
Modified:	2021-09-11 02:35 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mikhail Kasimov 2017-04-14 11:14:05 UTC

Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-7865

=============================================
Description

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.

Source:  MITRE      Last Modified:  04/14/2017
=============================================

Hyperlink:

[1] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=452

[2] https://github.com/FFmpeg/FFmpeg/commit/2080bc33717955a0e4268e738acf8c1eeddbf8cb

(open-)SUSE:

https://software.opensuse.org/package/ffmpeg

3.2.4 (TW, 42.2, official repo)
2.8.8 (42.1, official repo)

Comment 1 Bernhard Wiedemann 2017-04-18 16:01:31 UTC

This is an autogenerated message for OBS integration:
This bug (1034177) was mentioned in
https://build.opensuse.org/request/show/489106 42.2 / ffmpeg

Comment 2 Bernhard Wiedemann 2017-04-18 18:01:37 UTC

This is an autogenerated message for OBS integration:
This bug (1034177) was mentioned in
https://build.opensuse.org/request/show/489155 42.1 / ffmpeg

Comment 3 Swamp Workflow Management 2017-04-28 10:09:37 UTC

openSUSE-SU-2017:1121-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1022920,1022921,1022922,1034176,1034177,1034179,1034181,1034183
CVE References: CVE-2016-10190,CVE-2016-10191,CVE-2016-10192,CVE-2017-7859,CVE-2017-7862,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
openSUSE Leap 42.2 (src):    ffmpeg-3.3-6.6.1

Comment 4 Swamp Workflow Management 2017-05-29 16:10:01 UTC

openSUSE-SU-2017:1433-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1015120,1022920,1022921,1022922,1034176,1034177,1034179
CVE References: CVE-2016-10190,CVE-2016-10191,CVE-2016-10192,CVE-2016-9561,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
openSUSE Leap 42.2 (src):    ffmpeg2-2.8.11-25.3.1

Comment 5 Swamp Workflow Management 2017-06-11 13:12:57 UTC

openSUSE-SU-2017:1532-1: An update that solves 6 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1015120,1022921,1022922,1034176,1034177,1034179,980542
CVE References: CVE-2016-10191,CVE-2016-10192,CVE-2016-9561,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    ffmpeg2-2.8.11-12.1

Comment 6 Marcus Meissner 2017-06-12 06:59:04 UTC

released

Comment 7 Swamp Workflow Management 2017-09-15 22:13:39 UTC

openSUSE-SU-2017:2502-1: An update that solves 20 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1015120,1022920,1022921,1022922,1034176,1034177,1034179,1046211,1049095,1056760,1056761,1056762,1056763,1056765,1056766,1057536,1057537,1057539,1058018,1058019,1058020
CVE References: CVE-2016-10190,CVE-2016-10191,CVE-2016-10192,CVE-2016-9561,CVE-2017-11399,CVE-2017-14054,CVE-2017-14055,CVE-2017-14056,CVE-2017-14057,CVE-2017-14058,CVE-2017-14059,CVE-2017-14169,CVE-2017-14170,CVE-2017-14171,CVE-2017-14222,CVE-2017-14223,CVE-2017-14225,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
openSUSE Leap 42.3 (src):    ffmpeg-3.3.4-7.1, ffmpeg2-2.8.13-32.1, lame-3.99.5-2.1, twolame-0.3.13-2.1

Comment 8 Swamp Workflow Management 2018-07-18 14:40:36 UTC

This is an autogenerated message for OBS integration:
This bug (1034177) was mentioned in
https://build.opensuse.org/request/show/623663 15.0+42.3+Backports:SLE-12-SP2 / chromium+codec2+ffmpeg-2+ffmpeg-3+ffmpeg-4+libsodium+libvpx-1_6+zeromq