| Summary: | mplayer new security issues CVE-2022-3885[0158] and CVE-2022-3886[013456] | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, herman.viaene, mageia, nicolas.salguero, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | mplayer-1.5-12.mga9.src.rpm, mplayer-1.5-12.mga9.tainted.src.rpm | CVE: | CVE-2022-38850, CVE-2022-38851, CVE-2022-38855, CVE-2022-38858, CVE-2022-38860, CVE-2022-38861, CVE-2022-38863, CVE-2022-38864, CVE-2022-38865, CVE-2022-38866 |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 31259 | ||
|
Description
David Walser
2023-01-03 19:50:17 CET
David Walser
2023-01-03 19:50:39 CET
Whiteboard:
(none) =>
MGA8TOO Leaving with you for the moment at least. Ubuntu has issued an advisory for this on February 27: https://ubuntu.com/security/notices/USN-5895-1 Suggested advisory: ======================== The updated packages fix security vulnerabilities: The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c. (CVE-2022-38850) Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38851) Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38855) Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38858) Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38860) The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c. (CVE-2022-38861) Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. (CVE-2022-38863) Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. (CVE-2022-38864) Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38865) Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. (CVE-2022-38866) References: https://www.debian.org/lts/security/2022/dla-3255 https://ubuntu.com/security/notices/USN-5895-1 ======================== Updated packages in core/updates_testing: ======================== mencoder-1.5-12.1.mga9 mplayer-1.5-12.1.mga9 mplayer-doc-1.5-12.1.mga9 mplayer-gui-1.5-12.1.mga9 from SRPM: mplayer-1.5-12.1.mga9.src.rpm Updated packages in tainted/updates_testing: ======================== mencoder-1.5-12.1.mga9.tainted mplayer-1.5-12.1.mga9.tainted mplayer-doc-1.5-12.1.mga9.tainted mplayer-gui-1.5-12.1.mga9.tainted from SRPM: mplayer-1.5-12.1.mga9.tainted.src.rpm Version:
Cauldron =>
9 Installed and tested tainted version without issues. Tested: - playing multiple video and audio files; - outputs: xv, x11, gl, vdpau; - mplayer-gui; - mencoder (only a few examples from https://wiki.archlinux.org/title/MEncoder); No regressions noticed. System: Mageia 9, x86_64, Plasma DE, LXQt DE, AMD Ryzen 5 5600G with Radeon Graphics using amdgpu driver. $ uname -a Linux jupiter 6.6.18-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sat Feb 24 02:17:35 UTC 2024 x86_64 GNU/Linux $ rpm -qa | grep -E '(mplayer|mencoder).*-1.5' mplayer-1.5-12.1.mga9.tainted mplayer-gui-1.5-12.1.mga9.tainted mencoder-1.5-12.1.mga9.tainted $ vdpauinfo display: :0 screen: 0 API version: 1 Information string: G3DVL VDPAU Driver Shared Library version 1.0 <SNIP> CC:
(none) =>
mageia
katnatek
2024-03-13 21:38:31 CET
Keywords:
(none) =>
advisory Installed core updates, mp4 video and wav plays OK. Did a conversion: $ mencoder 12de\ man-1.mp4 -o 12.avi -oac mp3lame -ovc lavc and resulting avi file plays OK with vlc and mplayer. CC:
(none) =>
herman.viaene Did the same with tainted versions, all work OK. Whiteboard:
(none) =>
MGA9-64-OK Validating. CC:
(none) =>
andrewsfarm, sysadmin-bugs An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0062.html Resolution:
(none) =>
FIXED |