95230

https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc

https://source.android.com/security/bulletin/2017-01-01.html

According to the versions of the libvpx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A denial of service vulnerability in libvpx in     Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or     reboot. This issue is rated as High due to the     possibility of remote denial of service. Product:
    Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1,     7.0, 7.1. Android ID: A-30436808.(CVE-2017-0393)

  - In libvpx, there is a possible information disclosure     due to improper input validation. This could lead to     remote information disclosure with no additional     execution privileges needed. User interaction is needed     for exploitation. Product: AndroidVersions:
    Android-10Android ID: A-80479354(CVE-2019-9433)

  - libvpx contains an out-of-bounds read flaw in the     vp8_mv_bit_cost() and mv_err_cost() functions in     vp8/encoder/mcomp.c that is triggered as certain input     is not properly validated. This may allow a     context-dependent attacker to crash a process linked     against the library or potentially disclose sensitive     memory contents.(CVE-2018-9349)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvpx packages installed that are affected by multiple vulnerabilities:

  - A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or reboot. This issue is rated as High due to the     possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,     7.1. Android ID: A-30436808. (CVE-2017-0393)

  - In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input     validation. This could lead to remote information disclosure if error correction were turned on, with no     additional execution privileges needed. User interaction is not needed for exploitation.Product:
    AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770 (CVE-2020-0034)

  - In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote     information disclosure with no additional execution privileges needed. User interaction is not needed for     exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 (CVE-2019-9232)

  - In libvpx, there is a possible information disclosure due to improper input validation. This could lead to     remote information disclosure with no additional execution privileges needed. User interaction is needed     for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 (CVE-2019-9433)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

According to the versions of the libvpx package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - A denial of service vulnerability in libvpx in     Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or     reboot. This issue is rated as High due to the     possibility of remote denial of service. Product:
    Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1,     7.0, 7.1. Android ID: A-30436808.(CVE-2017-0393)

  - In libvpx, there is a possible information disclosure     due to improper input validation. This could lead to     remote information disclosure with no additional     execution privileges needed. User interaction is needed     for exploitation. Product: AndroidVersions:
    Android-10Android ID: A-80479354(CVE-2019-9433)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the version of the libvpx package installed, the EulerOS installation on the remote host is affected by the following vulnerability :

  - A denial of service vulnerability in libvpx in     Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or     reboot. This issue is rated as High due to the     possibility of remote denial of service. Product:
    Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1,     7.0, 7.1. Android ID: A-30436808.(CVE-2017-0393)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1558 advisory.

  - A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or reboot. This issue is rated as High due to the     possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,     7.1. Android ID: A-30436808. (CVE-2017-0393)

  - In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote     information disclosure with no additional execution privileges needed. User interaction is not needed for     exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 (CVE-2019-9232)

  - In libvpx, there is a possible information disclosure due to improper input validation. This could lead to     remote information disclosure with no additional execution privileges needed. User interaction is needed     for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 (CVE-2019-9433)

  - In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input     validation. This could lead to remote information disclosure if error correction were turned on, with no     additional execution privileges needed. User interaction is not needed for exploitation.Product:
    AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770 (CVE-2020-0034)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Security Fix(es) :

  - libvpx: Denial of service in mediaserver (CVE-2017-0393)

  - libvpx: Out of bounds read in vp8_norm table     (CVE-2019-9232)

  - libvpx: Use-after-free in vp8_deblock() in     vp8/common/postproc.c (CVE-2019-9433)

  - libvpx: Out of bounds read in vp8_decode_frame in     decodeframe.c (CVE-2020-0034)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3876 advisory.

  - libvpx: Denial of service in mediaserver (CVE-2017-0393)

  - libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232)

  - libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433)

  - libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c (CVE-2020-0034)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3876 advisory.

  - A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a     specially crafted file to cause a device hang or reboot. This issue is rated as High due to the     possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0,     7.1. Android ID: A-30436808. (CVE-2017-0393)

  - In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote     information disclosure with no additional execution privileges needed. User interaction is not needed for     exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 (CVE-2019-9232)

  - In libvpx, there is a possible information disclosure due to improper input validation. This could lead to     remote information disclosure with no additional execution privileges needed. User interaction is needed     for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 (CVE-2019-9433)

  - In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input     validation. This could lead to remote information disclosure if error correction were turned on, with no     additional execution privileges needed. User interaction is not needed for exploitation.Product:
    AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770 (CVE-2020-0034)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3876 advisory.

  - libvpx: Denial of service in mediaserver (CVE-2017-0393)

  - libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232)

  - libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433)

  - libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c (CVE-2020-0034)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
149125	EulerOS 2.0 SP3 : libvpx (EulerOS-SA-2021-1814)	Nessus	Huawei Local Security Checks	medium
147310	NewStart CGSL CORE 5.04 / MAIN 5.04 : libvpx Multiple Vulnerabilities (NS-SA-2021-0015)	Nessus	NewStart CGSL Local Security Checks	high
146743	EulerOS 2.0 SP2 : libvpx (EulerOS-SA-2021-1322)	Nessus	Huawei Local Security Checks	medium
146124	EulerOS 2.0 SP5 : libvpx (EulerOS-SA-2021-1209)	Nessus	Huawei Local Security Checks	high
142738	Amazon Linux 2 : libvpx (ALAS-2020-1558)	Nessus	Amazon Linux Local Security Checks	high
141685	Scientific Linux Security Update : libvpx on SL7.x x86_64 (20201001)	Nessus	Scientific Linux Local Security Checks	high
141617	CentOS 7 : libvpx (CESA-2020:3876)	Nessus	CentOS Local Security Checks	high
141257	Oracle Linux 7 : libvpx (ELSA-2020-3876)	Nessus	Oracle Linux Local Security Checks	high
141041	RHEL 7 : libvpx (RHSA-2020:3876)	Nessus	Red Hat Local Security Checks	high

CVE-2017-0393

HIGH

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins

medium

high

medium

high

high

high

high

high

high