23211 – aubio new security issues CVE-2017-17554 and CVE-2018-1452[23]

Bug 23211 - aubio new security issues CVE-2017-17554 and CVE-2018-1452[23]

Summary: aubio new security issues CVE-2017-17554 and CVE-2018-1452[23]

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	6
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:
Whiteboard:	MGA6-32-OK
Keywords:	advisory, validated_update

Depends on:
Blocks:

Reported:	2018-06-20 23:44 CEST by David Walser
Modified:	2019-01-06 17:42 CET (History)
CC List:	4 users (show)

See Also:
Source RPM:	aubio-0.4.2-2.1.mga6.src.rpm
CVE:
Status comment:	Patches available from openSUSE

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2018-06-20 23:44:39 CEST

openSUSE has issued advisories on June 19:
https://lists.opensuse.org/opensuse-updates/2018-06/msg00108.html
https://lists.opensuse.org/opensuse-updates/2018-06/msg00109.html

Mageia 5 and Mageia 6 are also affected.

David Walser 2018-06-20 23:45:07 CEST

Status comment: (none) => Patch available from openSUSE
Whiteboard: (none) => MGA6TOO

Comment 1 David Walser 2018-08-16 19:45:55 CEST

openSUSE has issued an advisory today (August 16):
https://lists.opensuse.org/opensuse-updates/2018-08/msg00089.html

It fixes two new issues.

Status comment: Patch available from openSUSE => Patches available from openSUSE
Summary: aubio new security issue CVE-2017-17554 => aubio new security issues CVE-2017-17554 and CVE-2018-1452[23]

Comment 2 David Walser 2019-01-01 03:09:10 CET

All fixes were included in upstream 0.4.8 (uploaded by Shlomi for Cauldron).

Version: Cauldron => 6
Whiteboard: MGA6TOO => (none)

Comment 3 David Walser 2019-01-01 21:49:46 CET

Advisory:
========================

Updated aubio packages fix security vulnerabilities:

NULL pointer dereference in the function aubio_source_avcodec_readframe which
may lead to DoS when playing a crafted audio file (CVE-2017-17554).

A crash in aubio_pitch_set_unit (CVE-2018-14522).

A buffer overrread resulting in crash or information leakage in
new_aubio_pitchyinfft (CVE-2018-14523).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14523
https://lists.opensuse.org/opensuse-updates/2018-08/msg00089.html
========================

Updated packages in core/updates_testing:
========================
aubio-0.4.2-2.2.mga6
libaubio4-0.4.2-2.2.mga6
libaubio-devel-0.4.2-2.2.mga6
python-aubio-0.4.2-2.2.mga6

from aubio-0.4.2-2.2.mga6.src.rpm

CC: (none) => shlomif
Assignee: shlomif => qa-bugs

Comment 4 Herman Viaene 2019-01-05 10:42:33 CET

MGA6-32 MATE on IBM Thinkpad R50e
No installation issues
Ref bug 22849 Comment 5 for tests
at CLI:
$ aubiotrack -i 02Zapfenstreich.wav 
1.486735
1.998776
2.510839
and a lot more
$ aubiopitch -o test -i 02Zapfenstreich.wav 
produces an audio file "test" about half the size of the wav, but audio so distorted it is not recognizable anymore.
$ file test
test: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz
Seems OK to me, failing to understand most of the operations in this package.

Whiteboard: (none) => MGA6-32-OK
CC: (none) => herman.viaene

Lewis Smith 2019-01-06 10:10:53 CET

Keywords: (none) => advisory, validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 5 Mageia Robot 2019-01-06 17:42:28 CET

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0016.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

Note You need to log in before you can comment on or make changes to this bug.