1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
Candidate: CVE-2016-7393
PublicDate: 2017-02-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7393
https://blogs.gentoo.org/ago/2016/08/20/libav-stack-based-buffer-overflow-in-aac_sync-aac_parser-c/
Description:
Stack-based buffer overflow in the aac_sync function in aac_parser.c in
Libav before 11.5 allows remote attackers to cause a denial of service
(out-of-bounds read) via a crafted file.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by: Agostino Sarubbo, Janne Grunau
Assigned-to:
Patches_libav:
upstream: https://git.libav.org/?p=libav.git;a=commit;h=fb1473080223a634b8ac2cca48a632d037a0a69d
upstream: https://git.libav.org/?p=libav.git;a=commit;h=09447f2b0fafac6d9565aab82a4c5f16fc99ee5e
upstream_libav: needed
precise_libav: ignored (reached end-of-life)
precise/esm_libav: DNE (precise was needed)
trusty_libav: needed
vivid/stable-phone-overlay_libav: DNE
vivid/ubuntu-core_libav: DNE
xenial_libav: DNE
yakkety_libav: DNE
zesty_libav: DNE
devel_libav: DNE
Patches_ffmpeg:
upstream_ffmpeg: released (7:2.4-1)
precise_ffmpeg: DNE
precise/esm_ffmpeg: DNE
trusty_ffmpeg: DNE
vivid/stable-phone-overlay_ffmpeg: DNE
vivid/ubuntu-core_ffmpeg: DNE
xenial_ffmpeg: not-affected (7:2.8.6-1ubuntu2)
yakkety_ffmpeg: not-affected
zesty_ffmpeg: not-affected
devel_ffmpeg: not-affected
|