Bug 331991 (CVE-2007-4619)

Summary: CVE-2007-4619 FLAC Integer overflows
Product: [Other] Security Response Reporter: Lubomir Kundrak <lkundrak>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: bnocera, jturner, kreilly, mclasen, mlichvar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4619
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-11 17:29:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 332571, 332581, 332591, 332601, 332611, 332621, 833896    
Bug Blocks:    
Attachments:
Description Flags
Probably the fix for CVE-2007-4619 sucked from upstream CVS none

Description Lubomir Kundrak 2007-10-15 11:30:43 UTC
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4619 to the following vulnerability:

Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow.

References:

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608
http://flac.sourceforge.net/changelog.html#flac_1_2_1

Comment 1 Lubomir Kundrak 2007-10-15 12:43:04 UTC
Created attachment 227581 [details]
Probably the fix for CVE-2007-4619 sucked from upstream CVS

Comment 2 Bastien Nocera 2007-10-15 13:56:29 UTC
Looks like an update would be needed on FC6, F7, RHEL3, RHEL4, and RHEL5.

Only problem being that we can't upgrade to 1.2.1 in any of those, as 1.1.3
changed the API considerably, and the patch would only apply cleanly to 1.2.0
(which we don't use anywhere, otherwise, we'd just upgrade it to 1.2.1).

Comment 6 Lubomir Kundrak 2007-12-07 14:36:46 UTC
See also bug #415581

Comment 7 Red Hat Product Security 2008-01-11 17:29:56 UTC
This issue was addressed in:

Red Hat Enterprise Linux:
  http://rhn.redhat.com/errata/RHSA-2007-0975.html

Fedora:
  https://admin.fedoraproject.org/updates/F7/FEDORA-2007-2596

Comment 8 Tomas Hoger 2008-07-25 10:30:31 UTC
*** Bug 415581 has been marked as a duplicate of this bug. ***