Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 1 Dec 2016 11:24:59 +0100
From: Hanno Böck <>
Subject: gstreamer multiple issues


After the blogposts from Chris Evans about gstreamer insecurities I had
a look.
Invalid memory read in flx_decode_chunks (gst-plugins-good)
The fix is a larger rewrite of the affected code paths and probably
fixed a bunch of other issues on the way. It also fixes the second flic
bug reported by Chris Evans described here:
h264: one byte heap off by one read in gst_h264_parse_set_caps
Invalid memory read in glib caused by one invalid unref call in the
flxdec decoder. (gst-plugins-good)
4 byte heap out of bounds read in windows_icon_typefind
2 byte heap out of bounds read in gst_mpegts_section_new
null pointer deref (segfault) in mpegts decoder / _parse_pat

A note about the memory access bugs: glib's slice allocator can hide
them, so finding them with asan sometimes only works if one sets

Stuff that's probably not security relevant:

Asserts / traps only:
h264 decoder assert (gst-plugins-bad)
avidemux trap on invalid utf-8

The gstreamer devs were very quick in fixing all issues. The release
1.10.2 should contain all the fixes.

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ