Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 1 Dec 2016 11:24:59 +0100
From: Hanno Böck <>
Subject: gstreamer multiple issues


After the blogposts from Chris Evans about gstreamer insecurities I had
a look.
Invalid memory read in flx_decode_chunks (gst-plugins-good)
The fix is a larger rewrite of the affected code paths and probably
fixed a bunch of other issues on the way. It also fixes the second flic
bug reported by Chris Evans described here:
h264: one byte heap off by one read in gst_h264_parse_set_caps
Invalid memory read in glib caused by one invalid unref call in the
flxdec decoder. (gst-plugins-good)
4 byte heap out of bounds read in windows_icon_typefind
2 byte heap out of bounds read in gst_mpegts_section_new
null pointer deref (segfault) in mpegts decoder / _parse_pat

A note about the memory access bugs: glib's slice allocator can hide
them, so finding them with asan sometimes only works if one sets

Stuff that's probably not security relevant:

Asserts / traps only:
h264 decoder assert (gst-plugins-bad)
avidemux trap on invalid utf-8

The gstreamer devs were very quick in fixing all issues. The release
1.10.2 should contain all the fixes.

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.