Bug 1057537 - (CVE-2017-14170) VUL-0: CVE-2017-14170: ffmpeg: DoS in mxf_read_index_entry_array() due to lack of an EOF check
VUL-0: CVE-2017-14170: ffmpeg: DoS in mxf_read_index_entry_array() due to lac...
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 42.2
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Security Team bot
E-mail List
Depends on:
  Show dependency treegraph
Reported: 2017-09-07 08:25 UTC by Alexander Bergmann
Modified: 2021-09-11 02:36 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-09-07 08:25:48 UTC

In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in
mxf_read_index_entry_array() due to lack of an EOF (End of File) check
might cause huge CPU consumption. When a crafted MXF file, which claims
a large "nb_index_entries" field in the header but does not contain
sufficient backing data, is provided, the loop would consume huge CPU
resources, since there is no EOF check inside the loop. Moreover, this
big loop can be invoked multiple times if there is more than one
applicable data segment in the crafted MXF file.

Upstream fix:

Comment 1 Jan Engelhardt 2017-09-07 08:38:51 UTC
Already fixed in ffmpeg2-2.8.13 submitted yesterday, but we need an ffmpeg(3) update then.
Comment 2 Bernhard Wiedemann 2017-09-07 10:00:52 UTC
This is an autogenerated message for OBS integration:
This bug (1057537) was mentioned in
https://build.opensuse.org/request/show/521960 42.2 / ffmpeg2
https://build.opensuse.org/request/show/521961 42.3 / ffmpeg2
https://build.opensuse.org/request/show/521963 42.3 / ffmpeg
https://build.opensuse.org/request/show/521964 42.2 / ffmpeg
Comment 3 Andreas Stieger 2017-09-15 18:36:34 UTC
releasing for Leap 42.2, 42.3
Comment 4 Swamp Workflow Management 2017-09-15 22:11:44 UTC
openSUSE-SU-2017:2501-1: An update that solves 13 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1041794,1046211,1049095,1056760,1056761,1056762,1056763,1056765,1056766,1057536,1057537,1057539,1058018,1058019,1058020
CVE References: CVE-2017-11399,CVE-2017-14054,CVE-2017-14055,CVE-2017-14056,CVE-2017-14057,CVE-2017-14058,CVE-2017-14059,CVE-2017-14169,CVE-2017-14170,CVE-2017-14171,CVE-2017-14222,CVE-2017-14223,CVE-2017-14225
Sources used:
openSUSE Leap 42.2 (src):    ffmpeg-3.3.4-6.16.1, ffmpeg2-2.8.13-25.10.1, lame-3.99.5-2.1, twolame-0.3.13-2.1
Comment 5 Swamp Workflow Management 2017-09-15 22:15:29 UTC
openSUSE-SU-2017:2502-1: An update that solves 20 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1015120,1022920,1022921,1022922,1034176,1034177,1034179,1046211,1049095,1056760,1056761,1056762,1056763,1056765,1056766,1057536,1057537,1057539,1058018,1058019,1058020
CVE References: CVE-2016-10190,CVE-2016-10191,CVE-2016-10192,CVE-2016-9561,CVE-2017-11399,CVE-2017-14054,CVE-2017-14055,CVE-2017-14056,CVE-2017-14057,CVE-2017-14058,CVE-2017-14059,CVE-2017-14169,CVE-2017-14170,CVE-2017-14171,CVE-2017-14222,CVE-2017-14223,CVE-2017-14225,CVE-2017-7863,CVE-2017-7865,CVE-2017-7866
Sources used:
openSUSE Leap 42.3 (src):    ffmpeg-3.3.4-7.1, ffmpeg2-2.8.13-32.1, lame-3.99.5-2.1, twolame-0.3.13-2.1
Comment 6 Swamp Workflow Management 2018-07-18 14:41:46 UTC
This is an autogenerated message for OBS integration:
This bug (1057537) was mentioned in
https://build.opensuse.org/request/show/623663 15.0+42.3+Backports:SLE-12-SP2 / chromium+codec2+ffmpeg-2+ffmpeg-3+ffmpeg-4+libsodium+libvpx-1_6+zeromq