Date: Sun, 04 Dec 2016 23:35:18 +0100 From: Agostino Sarubbo <ago@...too.org> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: libav: multiple crashes from the Undefined Behavior Sanitizer On Thursday 01 December 2016 14:30:33 Agostino Sarubbo wrote: > Affected version / Tested on: > 11.8 > Output/failure: > /tmp/portage/media- > video/libav-11.8/work/libav-11.8/libavcodec/get_bits.h:530:5: runtime error: > load of null pointer of type ‘int16_t’ (aka ‘short’) > Commit fix: > N/A > Fixed version: > N/A > Testcase: > https://github.com/asarubbo/poc/blob/master/00042-libav-loadnullptr-get_bits > _h Please ignore the issue above. It was already tracked as CVE-2016-8676. -- Agostino Sarubbo Gentoo Linux Developer
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ