USN-1478-1: Libav vulnerabilities
18 June 2012
Libav could be made to crash or run programs as your login if it opened a specially crafted file.
Releases
Packages
- libav - Multimedia player, server, encoder and transcoder
Details
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed DV files. If a user were tricked into opening a
crafted DV file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the privileges
of the user invoking the program. This issue only affected Ubuntu 11.10.
(CVE-2011-3929, CVE-2011-3936)
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed NSV files. If a user were tricked into opening a
crafted NSV file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the privileges
of the user invoking the program. This issue only affected Ubuntu 11.04 and
Ubuntu 11.10. (CVE-2011-3940)
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed Kega Game Video (KGV1) files. If a user were
tricked into opening a crafted Kega Game Video (KGV1) file, an attacker
could cause a denial of service via application crash, or possibly execute
arbitrary code with the privileges of the user invoking the program. This
issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3945)
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed MJPEG-B files. If a user were tricked into
opening a crafted MJPEG-B file, an attacker could cause a denial of service
via application crash, or possibly execute arbitrary code with the
privileges of the user invoking the program. This issue only affected
Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947)
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed DPCM files. If a user were tricked into opening a
crafted DPCM file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the privileges
of the user invoking the program. This issue only affected Ubuntu 11.04 and
Ubuntu 11.10. (CVE-2011-3951)
Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly
handled certain malformed KMVC files. If a user were tricked into opening a
crafted KMVC file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the privileges
of the user invoking the program. This issue only affected Ubuntu 11.04 and
Ubuntu 11.10. (CVE-2011-3952)
Jeong Wook Oh discovered that Libav incorrectly handled certain malformed
ASF files. If a user were tricked into opening a crafted ASF file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. This issue only affected Ubuntu 11.10. (CVE-2011-4031)
It was discovered that Libav incorrectly handled certain malformed
Westwood SNDx files. If a user were tricked into opening a crafted Westwood
SNDx file, an attacker could cause a denial of service via application
crash, or possibly execute arbitrary code with the privileges of the user
invoking the program. This issue only affected Ubuntu 11.10.
(CVE-2012-0848)
Diana Elena Muscalu discovered that Libav incorrectly handled certain
malformed AAC files. If a user were tricked into opening a crafted AAC
file, an attacker could cause a denial of service via application crash, or
possibly execute arbitrary code with the privileges of the user invoking
the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10.
(CVE-2012-0850)
It was discovered that Libav incorrectly handled certain malformed H.264
files. If a user were tricked into opening a crafted H.264 file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2012-0851)
It was discovered that Libav incorrectly handled certain malformed ADPCM
files. If a user were tricked into opening a crafted ADPCM file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10.
(CVE-2012-0852)
It was discovered that Libav incorrectly handled certain malformed Atrac 3
files. If a user were tricked into opening a crafted Atrac 3 file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10.
(CVE-2012-0853)
It was discovered that Libav incorrectly handled certain malformed Shorten
files. If a user were tricked into opening a crafted Shorten file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10.
(CVE-2012-0858)
It was discovered that Libav incorrectly handled certain malformed Vorbis
files. If a user were tricked into opening a crafted Vorbis file, an
attacker could cause a denial of service via application crash, or possibly
execute arbitrary code with the privileges of the user invoking the
program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10.
(CVE-2012-0859)
Fabian Yamaguchi discovered that Libav incorrectly handled certain
malformed VQA files. If a user were tricked into opening a crafted VQA
file, an attacker could cause a denial of service via application crash, or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2012-0947)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
Related notices
- USN-1479-1: libavformat52, ffmpeg, libavcodec52