Bug 1172727 - (CVE-2020-13428) VUL-0: CVE-2020-13428: vlc: heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player
(CVE-2020-13428)
VUL-0: CVE-2020-13428: vlc: heap-based buffer overflow in the hxxx_AnnexB_to_...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.1
Other Other
: P3 - Medium : Minor (vote)
: ---
Assigned To: Dominique Leuenberger
Security Team bot
https://smash.suse.de/issue/260934/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-06-09 12:17 UTC by Wolfgang Frisch
Modified: 2021-01-20 05:16 UTC (History)
0 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2020-06-09 12:17:01 UTC
CVE-2020-13428

A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13428
https://github.com/videolan/vlc-3.0/releases/tag/3.0.11
https://github.com/videolan/vlc/commits/master/modules/packetizer/hxxx_nal.c
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13428
http://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=d5c43c21c747ff30ed19fcca745dea3481c733e0
Comment 1 Dominique Leuenberger 2020-11-19 12:41:18 UTC
This was only an issue up to VLC 3.0.11; we already have 3.0.11.1 in the Leap 15.1/15.2 update channels.

I added the CVE/bug ref to the changelog entry for the 3.0.11 update.

As there is factually no change to the delivered package, I'll be submitting the change only once there is more stuff collected (e.g. 3.0.12)
Comment 2 OBSbugzilla Bot 2021-01-14 17:10:17 UTC
This is an autogenerated message for OBS integration:
This bug (1172727) was mentioned in
https://build.opensuse.org/request/show/863153 15.1 / vlc
https://build.opensuse.org/request/show/863154 15.2 / vlc
Comment 3 Swamp Workflow Management 2021-01-16 14:29:41 UTC
openSUSE-SU-2021:0076-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133290,1172727,1180755
CVE References: CVE-2020-13428,CVE-2020-26664
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    vlc-3.0.11.1-lp151.6.12.1
Comment 4 Swamp Workflow Management 2021-01-16 23:16:48 UTC
openSUSE-SU-2021:0091-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133290,1172727,1180755
CVE References: CVE-2020-13428,CVE-2020-26664
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    vlc-3.0.11.1-lp152.2.9.1
Comment 5 Swamp Workflow Management 2021-01-19 23:16:53 UTC
openSUSE-SU-2021:0121-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133290,1172727,1180755
CVE References: CVE-2020-13428,CVE-2020-26664
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP1 (src):    vlc-3.0.11.1-bp151.5.12.1
Comment 6 Swamp Workflow Management 2021-01-20 05:16:42 UTC
openSUSE-SU-2021:0122-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1133290,1172727,1180755
CVE References: CVE-2020-13428,CVE-2020-26664
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP2 (src):    vlc-3.0.11.1-bp152.2.9.1