Date: Thu, 23 Jul 2015 00:25:19 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 201778] audio/sox: Multiple memory corruption vulnerabilities in SoX 14.4.2
Message-ID: <bug-201778-13@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201778

            Bug ID: 201778
           Summary: audio/sox: Multiple memory corruption vulnerabilities in SoX 14.4.2
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: jason.unovitch@gmail.com
                CC: dnelson@allantgroup.com
             Flags: maintainer-feedback?(dnelson@allantgroup.com)

                CC: dnelson@allantgroup.com

From the Google Security Team:

I would like to report publicly new memory corruption vulnerabilities in the latest SoX, 14.4.2 - these have been reported in April 2015 through oCERT, but they have notified me they still haven't received a response from upstream.

Please see this shared folder, visible to anybody with the link:
https://drive.google.com/folderview?id=0B52EFul-UCEIflZhcjlrRGlqcWdER2xJZWR4dmVUQ1RaRGl6a09sbVdGYjg2MER6OHl3aUU&usp=sharing

The write heap buffer overflows are related to ADPCM handling in WAV files, while the read heap buffer overflow is while opening a .VOC.

For each crash, you have the input file and a .txt with the ASAN output.

Thanks,
Michele Spagnuolo
Google Security Team

Reference: http://seclists.org/oss-sec/2015/q3/167

-- 
You are receiving this mail because:
You are the assignee for the bug.