CVE-2023-38858: A SEGV vulnerability found in faad2 · Issue #173 · knik0/faad2

Buffer Overflow vulnerability in faad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039.

CVE
#vulnerability #ubuntu #dos #git #c++ #buffer_overflow

Hi, developers of faad2:
In testing the binary faad (1d53978) instrumented with ASAN, there is a SEGV vulnerability in faad at /faad2/frontend/mp4read.c:1039:67 in mp4info. Here is the ASAN mode output:

=================================================================
==58059==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000004d332f bp 0x7fff0e2f79b0 sp 0x7fff0e2f7900 T0)
==58059==The signal is caused by a READ memory access.
==58059==Hint: address points to the zero page.
#0 0x4d332f in mp4info /faad2/frontend/mp4read.c:1039:67
#1 0x4d2361 in mp4read_open /faad2/frontend/mp4read.c:1085:9
#2 0x4cc166 in decodeMP4file /faad2/frontend/main.c:820:9
#3 0x4cc166 in faad_main /faad2/frontend/main.c:1318:18
#4 0x4cc166 in main /faad2/frontend/main.c:1376:12
#5 0x7f99902d9c86 in __libc_start_main /build/glibc-CVJwZb/glibc-2.27/csu/…/csu/libc-start.c:310
#6 0x41c419 in _start (/faad2/build/faad+0x41c419)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /faad2/frontend/mp4read.c:1039:67 in mp4info
==58059==ABORTING

Crash input

https://github.com/17ssDP/fuzzer_crashes/blob/main/faad2/segv

Command Line

./faad -o /dev/null @@

Environment

Ubuntu 16.04
Clang 10.0.1
gcc 5.5
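
As an added, defender-side triage example (not code from the issue reporter or from the faad2 project): a small Python script that extracts the ASAN fields that matter when reading a report like the one above and classifies the crash. The first sample input is the report quoted in the issue, abridged to the lines the parser reads; the second is a constructed heap-buffer-overflow WRITE with made-up addresses and a placeholder function name, included only for contrast. The point it illustrates is the hint ASAN prints, "address points to the zero page": a SEGV on a small address such as 0x4 is a read through a pointer near NULL, which the script labels as a denial-of-service crash rather than memory corruption. The classification is a first-pass heuristic, not a proof of impact.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample 1: the SEGV report quoted in the issue above, abridged to the
# lines this parser reads (leading whitespace on frame lines is optional).
SEGV_REPORT = """\
==58059==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000004d332f bp 0x7fff0e2f79b0 sp 0x7fff0e2f7900 T0)
==58059==The signal is caused by a READ memory access.
==58059==Hint: address points to the zero page.
    #0 0x4d332f in mp4info /faad2/frontend/mp4read.c:1039:67
    #1 0x4d2361 in mp4read_open /faad2/frontend/mp4read.c:1085:9
    #2 0x4cc166 in decodeMP4file /faad2/frontend/main.c:820:9
SUMMARY: AddressSanitizer: SEGV /faad2/frontend/mp4read.c:1039:67 in mp4info
==58059==ABORTING
"""

# Constructed sample 2: a hypothetical heap-buffer-overflow WRITE in the same ASAN
# output format, with made-up addresses and a placeholder function name, for contrast.
OVERFLOW_REPORT = """\
==4242==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000014 at pc 0x000000401234 bp 0x7ffc00000000 sp 0x7ffc00000000
WRITE of size 4 at 0x602000000014 thread T0
    #0 0x401233 in example_write_frame /example/src/parse.c:77:9
    #1 0x401500 in main /example/src/main.c:12:5
SUMMARY: AddressSanitizer: heap-buffer-overflow /example/src/parse.c:77:9 in example_write_frame
"""

# Header line: report kind, plus the faulting address when ASAN prints one.
ERROR_RE = re.compile(
    r"==\d+==ERROR: AddressSanitizer: (?P<kind>[\w-]+)"
    r"(?: on (?:unknown )?address (?P<addr>0x[0-9a-fA-F]+))?"
)
# Access direction: SEGV reports say "caused by a READ/WRITE memory access",
# buffer-overflow reports say "READ/WRITE of size N at ...".
ACCESS_RE = re.compile(
    r"caused by a (?P<access>READ|WRITE) memory access"
    r"|^(?P<access2>READ|WRITE) of size (?P<size>\d+)"
)
# Stack frame: "#N 0xADDR in function location".
FRAME_RE = re.compile(r"#\d+\s+0x[0-9a-fA-F]+ in (?P<func>\S+)\s+(?P<loc>\S+)")

PAGE_SIZE = 4096  # ASAN's "zero page": NULL plus a small field offset lands below this


@dataclass
class AsanReport:
    kind: str                       # e.g. "SEGV", "heap-buffer-overflow"
    address: Optional[int]          # faulting address, if printed
    access: Optional[str]           # "READ" or "WRITE", if printed
    frames: List[Tuple[str, str]] = field(default_factory=list)  # (function, location)


def parse_asan(text: str) -> AsanReport:
    """Pull kind, address, access direction and stack frames out of an ASAN report."""
    kind, address, access, frames = None, None, None, []
    for line in text.splitlines():
        line = line.strip()
        m = ERROR_RE.search(line)
        if m and kind is None:
            kind = m.group("kind")
            if m.group("addr"):
                address = int(m.group("addr"), 16)
            continue
        m = ACCESS_RE.search(line)
        if m and access is None:
            access = m.group("access") or m.group("access2")
            continue
        m = FRAME_RE.search(line)
        if m:
            frames.append((m.group("func"), m.group("loc")))
    if kind is None:
        raise ValueError("no AddressSanitizer ERROR line found")
    return AsanReport(kind, address, access, frames)


def triage(report: AsanReport) -> dict:
    """Heuristic first-pass classification of a parsed ASAN report."""
    if report.frames:
        func, loc = report.frames[0]
        site = f"{func} at {loc}"
    else:
        site = "unknown"
    if report.kind == "SEGV":
        if report.address is not None and report.address < PAGE_SIZE:
            # Access through NULL plus a small offset: the page is unmapped, so the
            # process faults instead of corrupting memory.
            bug, impact = "null-pointer dereference", "denial of service"
        else:
            bug, impact = "wild pointer dereference", "denial of service; review the full trace"
    elif report.kind.endswith("buffer-overflow"):
        bug = report.kind
        impact = "memory corruption" if report.access == "WRITE" else "out-of-bounds read"
    else:
        bug, impact = report.kind, "unclassified; review manually"
    return {"bug": bug, "access": report.access, "likely_impact": impact, "crash_site": site}


if __name__ == "__main__":
    for sample in (SEGV_REPORT, OVERFLOW_REPORT):
        print(triage(parse_asan(sample)))
```

Run it on a saved ASAN log by reading the file into `parse_asan`; the same regexes work on the full report, since the extra lines (register dump, shadow-byte map) match none of them.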

Related news

Gentoo Linux Security Advisory 202401-13

Gentoo Linux Security Advisory 202401-13 - Multiple denial of service vulnerabilities have been found in FAAD2. Versions greater than or equal to 2.11.0 are affected.

Ubuntu Security Notice USN-6313-1

Ubuntu Security Notice 6313-1 - It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
