47574 – faad2: Multiple issues (4.2)

Bug 47574 - faad2: Multiple issues (4.2)

Summary: faad2: Multiple issues (4.2)

Status:	CLOSED FIXED

Alias:	None

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.2
Hardware:	All Linux

Importance:	P5 normal
Target Milestone:	UCS 4.2-4-errata
Assignee:	Quality Assurance
QA Contact:	Philipp Hahn

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-08-10 18:03 CEST by Quality Assurance
Modified:	2018-08-15 16:20 CEST (History)
CC List:	0 users

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score:	0.0 ()

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Quality Assurance

2018-08-10 18:03:12 CEST

New Debian faad2 2.7-8.A~4.2.4.201808101752 fixes:
This update addresses the following issues:
* The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. (CVE-2017-9218)
* The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted mp4 file. (CVE-2017-9219)
* The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (memory allocation error) via a crafted mp4 file. (CVE-2017-9220)
* The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. (CVE-2017-9221)
* The mp4ff_parse_tag function in common/mp4ff/mp4meta.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9222)
* The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file. (CVE-2017-9223)
* The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9253)
* The mp4ff_read_stts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9254)
* The mp4ff_read_stsc function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9255)
* The mp4ff_read_stco function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9256)
* The mp4ff_read_ctts function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file. (CVE-2017-9257)

2.7-8+deb8u1 (Tue, 01 May 2018 17:36:53 +0200) * Non-maintainer upload. * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257. Various issues were discovered in faad2, a fast audio decoder, that could cause a denial of service (large loop and CPU consumption) via a crafted mp4 file.

Comment 1 Quality Assurance

2018-08-10 18:53:43 CEST

--- mirror/ftp/4.0/unmaintained/4.0-0/source/faad2_2.7-8.9.201403221916.dsc
+++ apt/ucs_4.2-0-errata4.2-4/source/faad2_2.7-8.A~4.2.4.201808101752.dsc
@@ -1,6 +1,16 @@
-2.7-8.9.201403221916 [Sat, 22 Mar 2014 19:16:33 +0100] Univention builddaemon <buildd@univention.de>:
+2.7-8.A~4.2.4.201808101752 [Fri, 10 Aug 2018 18:03:16 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. No patches were applied to the original source package
+
+2.7-8+deb8u1 [Tue, 01 May 2018 17:36:53 +0200] Markus Koschany <apo@debian.org>:
+
+  * Non-maintainer upload.
+  * Fix CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221,
+    CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255,
+    CVE-2017-9256, CVE-2017-9257.
+    Various issues were discovered in faad2, a fast audio decoder, that could
+    cause a denial of service (large loop and CPU consumption) via a crafted
+    mp4 file. (Closes: #889915)
 
 2.7-8 [Sun, 18 Mar 2012 09:07:55 -0400] Andres Mejia <amejia@debian.org>:
 

<http://10.200.17.11/4.2-4/#7493265277346397066>

Comment 2 Philipp Hahn

2018-08-10 19:42:51 CEST

OK: yaml
OK: errata-announce
OK: patch
OK: piuparts

[4.2-4] 54a955113b Bug #47574: faad2 2.7-8.A~4.2.4.201808101752
 doc/errata/staging/faad2.yaml | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)

[4.2-4] 84eca6a7d2 Bug #47574: faad2 2.7-8.A~4.2.4.201808101752
 doc/errata/staging/faad2.yaml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

Comment 3 Arvid Requate

2018-08-15 16:20:58 CEST

<http://errata.software-univention.de/ucs/4.2/448.html>