Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2013-0899: Issue 11575026: Fix possible integer overflow in Opus with ~16MB fed to the decoder.

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

CVE
Open in Source
#mac#windows#google#linux#dos#chrome

Created:
8 years ago by aedla

Modified:
8 years ago

Reviewers:
Sergey Ulanov

CC:
chromium-reviews

Base URL:
http://src.chromium.org/svn/trunk/

Visibility:
Public.

More Reviews

Description

Fix possible integer overflow in Opus with ~16MB fed to the decoder. BUG=160480 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=173498

Patch Set 1 #

Total comments: 1

Patch Set 2 : Fix possible integer overflow in Opus with ~16MB fed to the decoder. #

Created: 8 years ago

Download [raw] [tar.bz2]

Unified diffs

Side-by-side diffs

Delta from patch set

Stats (+1 line, -3 lines)

Patch

M

src/opus_decoder.c

View

1

1 chunk

+1 line, -3 lines

0 comments

Download

Messages

Total messages: 7 (0 generated)

Expand Messages | Collapse Messages

aedla

Importing a fix from upstream. Sergey, will you please take a look?

8 years ago (2012-12-14 08:07:05 UTC) #1

Sergey Ulanov

Changes in opus_decoder.c - LGTM. I think README.chromium should be updated in a separate CL, …

8 years ago (2012-12-14 18:51:22 UTC) #2

aedla

Fix possible integer overflow in Opus with ~16MB fed to the decoder. BUG=160480

8 years ago (2012-12-16 10:21:42 UTC) #3

aedla

On 2012/12/14 18:51:22, sergeyu wrote: > Changes in opus_decoder.c - LGTM. I think README.chromium should …

8 years ago (2012-12-16 10:39:57 UTC) #4

Sergey Ulanov

On 2012/12/16 10:39:57, aedla wrote: > On 2012/12/14 18:51:22, sergeyu wrote: > > Changes in …

8 years ago (2012-12-17 05:25:00 UTC) #5

Sergey Ulanov

Ah, CQ doesn’t work for /trunk/deps. I’ll land this change.

8 years ago (2012-12-17 18:26:10 UTC) #6

Sergey Ulanov

8 years ago (2012-12-17 18:45:53 UTC) #7

Message was sent while issue was closed.

On 2012/12/17 18:26:10, sergeyu wrote:

Ah, CQ doesn’t work for /trunk/deps. I’ll land this change.

Landed in crrev.com/173498

Expand Messages | Collapse Messages

Issue 11575026: Fix possible integer overflow in Opus with ~16MB fed to the decoder. (Closed)
Created 8 years ago by aedla
Modified 8 years ago
Reviewers: Sergey Ulanov
Base URL: http://src.chromium.org/svn/trunk/
Comments: 1

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE