Red Hat Bugzilla – Bug 470822
CVE-2008-5008 libsamplerate: buffer overflow on "extreme low conversion ratios"
Last modified: 2010-04-21 17:39:16 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5008 to the following vulnerability:
Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or
libsamplerate) before 0.1.4, when "extreme low conversion ratios" are
used, allows user-assisted attackers to have an unknown impact via a
crafted audio file.
Created attachment 323069 [details]
src/src_sinc.c 0.13 -> 0.14 diff
Only change in src/src_sinc.c between 0.13 and 0.14.
I haven't looked closely whether this is over-write or over-read only.
I do not believe this bufferoverflow is something which can be triggered remotely, not even by a crafted file.
Never the less I've updated F-8 and F-9 cvs to the latest upstream (F-10 and later already has that), which fixes this and is ABI compatible, and I've done builds of this:
libsamplerate-0.1.4-1.fc9 Tag: dist-f9-updates-candidate:
libsamplerate-0.1.4-1.fc8 Tag: dist-f8-updates-candidate:
Although I do not expect any problems from these updates, given the low if any security impact of this I would prefer to see this pushed to the repo through updates-testing if pushed at all.
Hans, thanks for checking. I'll fully trust your judgement here, as you surely know the code much better as long-term maintainer of this package. If you decide to submit anyway, feel free to do it via testing first.
I'm going to close this. Current Fedora has 0.1.6 or newer, although EPEL5 has 0.1.2. However, if we do not believe this can be triggered at all, then we should not classify this as a security issue.