oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c)

From: cve-assign () mitre org
Date: Wed, 21 Sep 2016 12:31:26 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/

A fuzzing with an mp3 file as input discovered a divide-by-zero in 
sbr_make_f_master.

AddressSanitizer: FPE on unknown address

sbr_make_f_master libav-11.7/libavcodec/aacsbr.c:338:57


Use CVE-2016-7499.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX4rUMAAoJEHb/MwWLVhi2TS4QALQBNhZyy3tqN5IIDyejpudo
xKtiPEOe7lHzgMTm9I25aAJcUHZGGdHcoY3rgdQtLZTdME8OejjOrHg0znNmmkDZ
fjwbFxuVo9bwJ8Wa7X4YkHvX55hDmvtlwCyJjl31NmykEjx0hVpaiLGln6zLscX8
YRBbJwkYsm0EWgNC1FIU3DfhGv7DG6GLGUjhFdqumik/gyhaHGd4FtYLm5AMFI9X
bMyr9joOSUm5RobISMRfmNkye9UTtKFqNUxrLUMHGq4evUys9bsW1oY1Brfv0JxD
M2LQoB7nWNE8hM5lQUVfVHxp1ztSoDqOmtD9BjN2eI4f2xhJgPfPHc9SrgCjvrty
p/zAmLiLCI3bjNOMxkBruX5V/QFFUsJfN9UTRrU6sBsk2ysCsUDN+pXUfacOMuhj
XBwMp3pRpoCI+JDu6eNaCBT3qAhJTSL53euHavNQvyCRdFI7MJ9JbQFZ0UQFfOUO
OlBtAsQO6iACBo+BqlzO0rpDEYhfrgW5jqo+teGSO3YHuEAUUwRzxGuLSoVBpHgn
fw450fVgijaxG2RzUXB7X9PqNqyIouWrK3GlOUXgwPiVLwBuhnoHfzllqAPSOtqI
vn7WZjnZkslWfjKCqzvb4YzSWWbzOxppmMha59K3/KRUU5E5kc2lZe9izeM4/WVN
GkH5FjtTGwj8lJCz2jDd
=BEMY
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: