Bugzilla – Bug 1037255
VUL-1: CVE-2017-8419: lame: denial of service (stack-based buffer overflow or heap-based buffer overflow) via a crafted file
Last modified: 2018-02-21 06:40:21 UTC
Created attachment 723519 [details] CVE-2017-8419_reproducer Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-8419 ==================================================== Description LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service (stack-based buffer overflow or heap-based buffer overflow) or possibly have unspecified other impact via a crafted file, as demonstrated by mishandling of num_channels. ==================================================== Hyperlink [1] https://sourceforge.net/p/lame/bugs/458/ [2] Reproducer: https://sourceforge.net/p/lame/bugs/458/attachment/lame_stack_corruption_poc.wav (open-)SUSE: https://software.opensuse.org/package/lame 3.99.5 (TW, 42.{1,2}, hardware:sdr repo, multimedia:libs repo, and multimedia:musescore2 repo for TW only)
Not a distribution package, moving. multimedia:libs/lame does not have an explicit maintainer set, cc'ing project maintainers.
we now have 3.100 in factory and leap.