Univention Bugzilla – Bug 53982
faad2: Multiple issues (4.4)
Last modified: 2021-10-28 18:15:56 CEST
New Debian faad2 2.8.0~cvs20161113-1+deb9u3 fixes: This update addresses the following issues: * A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the ONLY_LONG_SEQUENCE case. (CVE-2018-20199) * An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. (CVE-2018-20360) * An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c. (CVE-2019-6956) * An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution. (CVE-2021-32274) * An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service. (CVE-2021-32276) * An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution. (CVE-2021-32277) * An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution. (CVE-2021-32278)
--- mirror/ftp/4.4/unmaintained/4.4-2/source/faad2_2.8.0~cvs20161113-1+deb9u2.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/faad2_2.8.0~cvs20161113-1+deb9u3.dsc @@ -1,3 +1,21 @@ +2.8.0~cvs20161113-1+deb9u3 [Sun, 24 Oct 2021 13:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2021-32274 + heap buffer overflow that might allow an attacker to execute code + * CVE-2021-32276 + null pointer dereference that might allow an attacker to perform a DoS + * CVE-2021-32277 + heap buffer overflow that might allow an attacker to execute code + * CVE-2021-32278 + heap buffer overflow that might allow an attacker to execute code + * CVE-2019-6956 + Buffer over read + * CVE-2018-20360 + NULL pointer dereference + * CVE-2018-20199 + NULL pointer dereference + 2.8.0~cvs20161113-1+deb9u2 [Fri, 06 Sep 2019 18:52:19 +0200] Hugo Lefeuvre <hle@debian.org>: * Non-maintainer upload by the Security Team. <http://piuparts.knut.univention.de/4.4-8/#9181365568214233636>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-8] 3fb27efc74 Bug #53982: faad2 2.8.0~cvs20161113-1+deb9u3 doc/errata/staging/faad2.yaml | 44 +++++++++++++++++++++---------------------- 1 file changed, 21 insertions(+), 23 deletions(-) [4.4-8] 41f5b991ce Bug #53982: faad2 2.8.0~cvs20161113-1+deb9u3 doc/errata/staging/faad2.yaml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1073>