Gentoo Archives: gentoo-announce

From: Sean Amoss <ackle@g.o>
To: gentoo-announce@g.o
Subject: [gentoo-announce] [ GLSA 201203-14 ] Audacious Plugins: User-assisted execution of arbitrary code
Date: Fri, 16 Mar 2012 11:31:03
Message-Id: 4F632348.9090308@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 201203-14
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Audacious Plugins: User-assisted execution of arbitrary code
9 Date: March 16, 2012
10 Bugs: #383991
11 ID: 201203-14
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities in Audacious Plugins could result in execution
19 of arbitrary code or Denial of Service.
20
21 Background
22 ==========
23
24 Plugins for the Audacious music player.
25
26 Affected packages
27 =================
28
29 -------------------------------------------------------------------
30 Package / Vulnerable / Unaffected
31 -------------------------------------------------------------------
32 1 media-plugins/audacious-plugins
33 < 3.1 >= 3.1
34
35 Description
36 ===========
37
38 Multiple vulnerabilities have been found in Audacious Plugins:
39
40 * The "CSoundFile::ReadWav()" function in load_wav.cpp contains an
41 integer overflow which could cause a heap-based buffer overflow
42 (CVE-2011-2911).
43 * The "CSoundFile::ReadS3M()" function in load_s3m.cpp contains
44 multiple boundary errors which could cause a stack-based buffer
45 overflow (CVE-2011-2912).
46 * The "CSoundFile::ReadAMS()" function in load_ams.cpp contains an
47 off-by-one error which could cause memory corruption (CVE-2011-2913).
48 * The "CSoundFile::ReadDSM()" function in load_dms.cpp contains an
49 off-by-one error which could cause memory corruption (CVE-2011-2914).
50 * The "CSoundFile::ReadAMS2()" function in load_ams.cpp contains an
51 off-by-one error which could cause memory corruption (CVE-2011-2915).
52
53 Impact
54 ======
55
56 A remote attacker could entice a user to open a specially crafted media
57 file, possibly resulting in execution of arbitrary code, or a Denial of
58 Service condition.
59
60 Workaround
61 ==========
62
63 There is no known workaround at this time.
64
65 Resolution
66 ==========
67
68 All Audacious Plugins users should upgrade to the latest version:
69
70 # emerge --sync
71 # emerge --ask --oneshot -v ">=media-plugins/audacious-plugins-3.1"
72
73 References
74 ==========
75
76 [ 1 ] CVE-2011-2911
77 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2911
78 [ 2 ] CVE-2011-2912
79 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2912
80 [ 3 ] CVE-2011-2913
81 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2913
82 [ 4 ] CVE-2011-2914
83 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2914
84 [ 5 ] CVE-2011-2915
85 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2915
86
87 Availability
88 ============
89
90 This GLSA and any updates to it are available for viewing at
91 the Gentoo Security Website:
92
93 http://security.gentoo.org/glsa/glsa-201203-14.xml
94
95 Concerns?
96 =========
97
98 Security is a primary focus of Gentoo Linux and ensuring the
99 confidentiality and security of our users' machines is of utmost
100 importance to us. Any security concerns should be addressed to
101 security@g.o or alternatively, you may file a bug at
102 https://bugs.gentoo.org.
103
104 License
105 =======
106
107 Copyright 2012 Gentoo Foundation, Inc; referenced text
108 belongs to its owner(s).
109
110 The contents of this document are licensed under the
111 Creative Commons - Attribution / Share Alike license.
112
113 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature