Description
Security update for libid3tag
This update for libid3tag fixes the following issues:
- CVE-2004-2779 CVE-2017-11551: Fixed id3_utf16_deserialize() in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. (bsc#1081959 bsc#1081961)
- CVE-2017-11550 CVE-2008-2109: Fixed the handling of unknown encodings when parsing ID3 tags. (bsc#1081962 bsc#387731)
Package list
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP3
References
- Link for SUSE-SU-2018:0722-1
- E-Mail link for SUSE-SU-2018:0722-1
- SUSE Security Ratings
- SUSE Bug 1081959
- SUSE Bug 1081961
- SUSE Bug 1081962
- SUSE Bug 387731
- SUSE CVE CVE-2004-2779 page
- SUSE CVE CVE-2008-2109 page
- SUSE CVE CVE-2017-11550 page
- SUSE CVE CVE-2017-11551 page
Description
id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).
Affected products
References
- CVE-2004-2779
- SUSE Bug 1081959
Description
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
Affected products
References
- CVE-2008-2109
- SUSE Bug 387731
Description
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file.
Affected products
References
- CVE-2017-11550
- SUSE Bug 1081962
Description
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file.
Affected products
References
- CVE-2017-11551
- SUSE Bug 1081961