First Last Prev Next    This bug is not in your last search results.
Bug 1057537 - (CVE-2017-14170) VUL-0: CVE-2017-14170: ffmpeg: DoS in mxf_read_index_entry_array() due to lack of an EOF check
(CVE-2017-14170)
VUL-0: CVE-2017-14170: ffmpeg: DoS in mxf_read_index_entry_array() due to lac...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 42.2
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-09-07 08:25 UTC by Alexander Bergmann
Modified: 2021-09-11 02:36 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-09-07 08:25:48 UTC 
CVE-2017-14170

In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in
mxf_read_index_entry_array() due to lack of an EOF (End of File) check
might cause huge CPU consumption. When a crafted MXF file, which claims
a large "nb_index_entries" field in the header but does not contain
sufficient backing data, is provided, the loop would consume huge CPU
resources, since there is no EOF check inside the loop. Moreover, this
big loop can be invoked multiple times if there is more than one
applicable data segment in the crafted MXF file.

Upstream fix:
https://github.com/FFmpeg/FFmpeg/commit/900f39692ca0337a98a7cf047e4e2611071810c2

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14170
Comment 1 Jan Engelhardt 2017-09-07 08:38:51 UTC 
Already fixed in ffmpeg2-2.8.13 submitted yesterday, but we need an ffmpeg(3) update then.
Comment 2 Bernhard Wiedemann 2017-09-07 10:00:52 UTC 
This is an autogenerated message for OBS integration:
This bug (1057537) was mentioned in
https://build.opensuse.org/request/show/521960 42.2 / ffmpeg2
https://build.opensuse.org/request/show/521961 42.3 / ffmpeg2
https://build.opensuse.org/request/show/521963 42.3 / ffmpeg
https://build.opensuse.org/request/show/521964 42.2 / ffmpeg
Comment 3 Andreas Stieger 2017-09-15 18:36:34 UTC 
releasing for Leap 42.2, 42.3
Comment 4 Swamp Workflow Management 2017-09-15 22:11:44 UTC 
openSUSE-SU-2017:2501-1: An update that solves 13 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1041794,1046211,1049095,1056760,1056761,1056762,1056763,1056765,1056766,1057536,1057537,1057539,1058018,1058019,1058020
CVE References: CVE-2017-11399,CVE-2017-14054,CVE-2017-14055,CVE-2017-14056,CVE-2017-14057,CVE-2017-14058,CVE-2017-14059,CVE-2017-14169,CVE-2017-14170,CVE-2017-14171,CVE-2017-14222,CVE-2017-14223,CVE-2017-14225
Sources used:
openSUSE Leap 42.2 (src):    ffmpeg-3.3.4-6.16.1, ffmpeg2-2.8.13-25.10.1, lame-3.99.5-2.1, twolame-0.3.13-2.1
Comment 5 Swamp Workflow Management 2017-09-15 22:15:29 UTC 
openSUSE-SU-2017:2502-1: An update that solves 20 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1015120,1022920,1022921,1022922,1034176,1034177,1034179,1046211,1049095,1056760,1056761,1056762,1056763,1056765,1056766,1057536,1057537,1057539,1058018,1058019,1058020
CVE References: CVE-2016-10190,CVE-2016-10191,CVE-2016-10192,CVE-2016-9561,CVE-2017-11399,CVE-2017-14054,CVE-2017-14055,CVE-2017-14056,CVE-2017-14057,CVE-2017-14058,CVE-2017-14059,CVE-2017-14169,CVE-2017-14170,CVE-2017-14171,CVE-2017-14222,CVE-2017-14223,CVE-2017-14225,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
openSUSE Leap 42.3 (src):    ffmpeg-3.3.4-7.1, ffmpeg2-2.8.13-32.1, lame-3.99.5-2.1, twolame-0.3.13-2.1
Comment 6 Swamp Workflow Management 2018-07-18 14:41:46 UTC 
This is an autogenerated message for OBS integration:
This bug (1057537) was mentioned in
https://build.opensuse.org/request/show/623663 15.0+42.3+Backports:SLE-12-SP2 / chromium+codec2+ffmpeg-2+ffmpeg-3+ffmpeg-4+libsodium+libvpx-1_6+zeromq
First Last Prev Next    This bug is not in your last search results.