openSUSE Security Update : ffmpeg (openSUSE-2017-524)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for ffmpeg to version 3.3 fixes several issues.

These security issues were fixed :

- CVE-2016-10190: Heap-based buffer overflow in
libavformat/http.c in FFmpeg allowed remote web servers
to execute arbitrary code via a negative chunk size in
an HTTP response (boo#1022920)

- CVE-2016-10191: Heap-based buffer overflow in
libavformat/rtmppkt.c in FFmpeg allowed remote attackers
to execute arbitrary code by leveraging failure to check
for RTMP packet size mismatches (boo#1022921)

- CVE-2016-10192: Heap-based buffer overflow in ffserver.c
in FFmpeg allowed remote attackers to execute arbitrary
code by leveraging failure to check chunk size
(boo#1022922)

- CVE-2017-7859: FFmpeg had an out-of-bounds write caused
by a heap-based buffer overflow related to the
ff_h264_slice_context_init function in
libavcodec/h264dec.c (bsc#1034183).

- CVE-2017-7862: FFmpeg had an out-of-bounds write caused
by a heap-based buffer overflow related to the
decode_frame function in libavcodec/pictordec.c
(bsc#1034181).

- CVE-2017-7863: FFmpeg had an out-of-bounds write caused
by a heap-based buffer overflow related to the
decode_frame_common function in libavcodec/pngdec.c
(boo#1034179)

- CVE-2017-7865: FFmpeg had an out-of-bounds write caused
by a heap-based buffer overflow related to the
ipvideo_decode_block_opcode_0xA function in
libavcodec/interplayvideo.c and the
avcodec_align_dimensions2 function in libavcodec/utils.c
(boo#1034177)

- CVE-2017-7866: FFmpeg had an out-of-bounds write caused
by a stack-based buffer overflow related to the
decode_zbuf function in libavcodec/pngdec.c
(boo#1034176)

These non-security issues were fixed :

- Enable ac3

- Enable mp3 decoding

- EBU R128 implementation now within ffmpeg, not relying
on external library anymore

- New video filters 'premultiply', 'readeia608',
'threshold', 'midequalizer'

- Support for spherical videos

- New decoders: 16.8 and 24.0 floating point PCM, XPM

- New demuxers: MIDI Sample Dump Standard, Sample Dump
eXchange demuxer

- MJPEG encoding uses Optimal Huffman tables now

- Native Opus encoder

- Support .mov with multiple sample description tables

- Removed the legacy X11 screen grabber, use XCB instead

- Removed asyncts filter (use af_aresample instead)

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=1022920
https://bugzilla.opensuse.org/show_bug.cgi?id=1022921
https://bugzilla.opensuse.org/show_bug.cgi?id=1022922
https://bugzilla.opensuse.org/show_bug.cgi?id=1034176
https://bugzilla.opensuse.org/show_bug.cgi?id=1034177
https://bugzilla.opensuse.org/show_bug.cgi?id=1034179
https://bugzilla.opensuse.org/show_bug.cgi?id=1034181
https://bugzilla.opensuse.org/show_bug.cgi?id=1034183

Solution :

Update the affected ffmpeg packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 99722 ()

Bugtraq ID:

CVE ID: CVE-2016-10190
CVE-2016-10191
CVE-2016-10192
CVE-2017-7859
CVE-2017-7862
CVE-2017-7863
CVE-2017-7865
CVE-2017-7866

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now