Advisories » MGASA-2013-0182

Updated ffmpeg packages fix several security vulnerabilities

Publication date: 26 Jun 2013
Modification date: 26 Jun 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-3671 , CVE-2013-3672 , CVE-2013-3673 , CVE-2013-3674

Description

ffmpeg prior to 1.1.5 contains several security vulnerabilities

* CVE-2013-3671:
The format_line function in log.c in libavutil uses inapplicable offset
data during a certain category calculation, which allows remote attackers
to cause a denial of service (invalid pointer dereference and application
crash) via crafted data that triggers a log message.

* CVE-2013-3672:
The mm_decode_inter function in mmvideo.c in libavcodec does not validate
the relationship between a horizontal coordinate and a width value, which
allows remote attackers to cause a denial of service (out-of-bounds array
access and application crash) via crafted American Laser Games (ALG) MM
Video data.

* CVE-2013-3673:
The gif_decode_frame function in gifdec.c in libavcodec does not properly
manage the disposal methods of frames, which allows remote attackers to
cause a denial of service (out-of-bounds array access and application crash)
via crafted GIF data.

* CVE-2013-3674:
The cdg_decode_frame function in cdgraphics.c in libavcodec does not validate
the presence of non-header data in a buffer, which allows remote attackers to
cause a denial of service (out-of-bounds array access and application crash)
via crafted CD Graphics Video data.

The ffmpeg packages have been updated to fix above security vulnerabilities,
with extra bugs-fixes.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=10506
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3671
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3672
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3673
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3674

SRPMS

3/core

• ffmpeg-1.1.5-1.mga3

3/tainted

• ffmpeg-1.1.5-1.mga3.tainted