MGASA-2018-0223

Source
https://advisories.mageia.org/MGASA-2018-0223.html
Import Source
https://advisories.mageia.org/MGASA-2018-0223.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2018-0223
Published
2018-05-09T18:33:09Z
Modified
2018-05-09T18:01:05Z
Summary
Updated libid3tag packages fix security vulnerabilities
Details

id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). (CVE-2004-2779)

field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop. (CVE-2008-2109)

The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (NULL Pointer Dereference and application crash) via a crafted mp3 file. (CVE-2017-11550)

The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. (CVE-2017-11551)


Affected packages

Mageia:5 / libid3tag

Package

Name
libid3tag
Purl
pkg:rpm/mageia/libid3tag?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
0.15.1b-16.2.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:6 / libid3tag

Package

Name
libid3tag
Purl
pkg:rpm/mageia/libid3tag?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
0.15.1b-17.2.mga6

Ecosystem specific

{
    "section": "core"
}