Support / Security / Advisories / Mandriva Linux 2006 / MDKSA-2005:231

Package name: ffmpeg
Date: 2005-12-14
Advisory ID: MDKSA-2005:231
Affected versions: CS3.0 i586 , 2006.0 i586 , 2006.0 x86_64 , CS3.0 x86_64

Problem description

Simon Kilvington discovered a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial
of Service) and potentially to compromise a user's system.

The vulnerability is caused due to a boundary error in the
"avcodec_default_get_buffer()" function of "utils.c" in libavcodec.
This can be exploited to cause a heap-based buffer overflow when a
specially-crafted 1x1 ".png" file containing a palette is read.

The updated packages have been patched to prevent this problem.

Updated packages

CS3.0 i586

 8c9f945457c3c6b6ea27bdc09b551228  corporate/3.0/RPMS/ffmpeg-0.4.8-7.2.C30mdk.i586.rpm
 7a18cf6e760524cdc11dcb41674de4c4  corporate/3.0/RPMS/libffmpeg0-0.4.8-7.2.C30mdk.i586.rpm
 a28eed315d715bf831fe4e1c4fa755b0  corporate/3.0/RPMS/libffmpeg0-devel-0.4.8-7.2.C30mdk.i586.rpm
 c0933f7bdd4c18c2acbc87daaa575dc7  corporate/3.0/SRPMS/ffmpeg-0.4.8-7.2.C30mdk.src.rpm

2006.0 i586

 328ece4eb327ae1a8bd469e7cfd67a3e  2006.0/RPMS/ffmpeg-0.4.9-0.pre1.5.1.20060mdk.i586.rpm
 56b14628f0c39a90e73efdd707c01abb  2006.0/RPMS/libffmpeg0-0.4.9-0.pre1.5.1.20060mdk.i586.rpm
 26e70cd6bcf85d2da24ff21d23e54ec4  2006.0/RPMS/libffmpeg0-devel-0.4.9-0.pre1.5.1.20060mdk.i586.rpm
 33c744c5c8b5e97b26d3a871c664f38d  2006.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.1.20060mdk.src.rpm

2006.0 x86_64

 fffaeaf65e153d5c68ba8fc2e63f5a20  x86_64/2006.0/RPMS/ffmpeg-0.4.9-0.pre1.5.1.20060mdk.x86_64.rpm
 cfe92867d45206761c2d0442fc94438b  x86_64/2006.0/RPMS/lib64ffmpeg0-0.4.9-0.pre1.5.1.20060mdk.x86_64.rpm
 69a16bc824805150c1c08660421215bf  x86_64/2006.0/RPMS/lib64ffmpeg0-devel-0.4.9-0.pre1.5.1.20060mdk.x86_64.rpm
 33c744c5c8b5e97b26d3a871c664f38d  x86_64/2006.0/SRPMS/ffmpeg-0.4.9-0.pre1.5.1.20060mdk.src.rpm

CS3.0 x86_64

 005b38cf84986bcb47a96eae3312196c  x86_64/corporate/3.0/RPMS/ffmpeg-0.4.8-7.2.C30mdk.x86_64.rpm
 cd8c5a941ce2a7c8b3b1bd698627391c  x86_64/corporate/3.0/RPMS/lib64ffmpeg0-0.4.8-7.2.C30mdk.x86_64.rpm
 66c67e4a1bea207ecccd6b7c5336b489  x86_64/corporate/3.0/RPMS/lib64ffmpeg0-devel-0.4.8-7.2.C30mdk.x86_64.rpm
 c0933f7bdd4c18c2acbc87daaa575dc7  x86_64/corporate/3.0/SRPMS/ffmpeg-0.4.8-7.2.C30mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048