Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 21 Sep 2016 12:31:26 -0400 (EDT)
From: cve-assign@...re.org
To: ago@...too.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/
> 
> A fuzzing with an mp3 file as input discovered a divide-by-zero in 
> sbr_make_f_master.
> 
> AddressSanitizer: FPE on unknown address
> 
> sbr_make_f_master libav-11.7/libavcodec/aacsbr.c:338:57

Use CVE-2016-7499.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX4rUMAAoJEHb/MwWLVhi2TS4QALQBNhZyy3tqN5IIDyejpudo
xKtiPEOe7lHzgMTm9I25aAJcUHZGGdHcoY3rgdQtLZTdME8OejjOrHg0znNmmkDZ
fjwbFxuVo9bwJ8Wa7X4YkHvX55hDmvtlwCyJjl31NmykEjx0hVpaiLGln6zLscX8
YRBbJwkYsm0EWgNC1FIU3DfhGv7DG6GLGUjhFdqumik/gyhaHGd4FtYLm5AMFI9X
bMyr9joOSUm5RobISMRfmNkye9UTtKFqNUxrLUMHGq4evUys9bsW1oY1Brfv0JxD
M2LQoB7nWNE8hM5lQUVfVHxp1ztSoDqOmtD9BjN2eI4f2xhJgPfPHc9SrgCjvrty
p/zAmLiLCI3bjNOMxkBruX5V/QFFUsJfN9UTRrU6sBsk2ysCsUDN+pXUfacOMuhj
XBwMp3pRpoCI+JDu6eNaCBT3qAhJTSL53euHavNQvyCRdFI7MJ9JbQFZ0UQFfOUO
OlBtAsQO6iACBo+BqlzO0rpDEYhfrgW5jqo+teGSO3YHuEAUUwRzxGuLSoVBpHgn
fw450fVgijaxG2RzUXB7X9PqNqyIouWrK3GlOUXgwPiVLwBuhnoHfzllqAPSOtqI
vn7WZjnZkslWfjKCqzvb4YzSWWbzOxppmMha59K3/KRUU5E5kc2lZe9izeM4/WVN
GkH5FjtTGwj8lJCz2jDd
=BEMY
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ