CVE-2016-10192
Description
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-10192
Vendor advisory: cve@mitre.org — https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
Vendor advisory: cve@mitre.org — https://ffmpeg.org/security.html
Vendor advisory: cve@mitre.org — http://www.openwall.com/lists/oss-security/2017/02/02/1
Vendor advisory: cve@mitre.org — http://www.openwall.com/lists/oss-security/2017/01/31/12
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | bookworm | fixed | 7:3.2.2-1 |
| debian | bullseye | fixed | 7:3.2.2-1 |
| debian | forky | fixed | 7:3.2.2-1 |
| debian | sid | fixed | 7:3.2.2-1 |
| debian | trixie | fixed | 7:3.2.2-1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| ffmpeg | ffmpeg | {"endIncluding":"2.8.9"} | |
| ffmpeg | ffmpeg | 3.0 | |
| ffmpeg | ffmpeg | 3.0.1 | |
| ffmpeg | ffmpeg | 3.0.2 | |
| ffmpeg | ffmpeg | 3.0.3 | |
| ffmpeg | ffmpeg | 3.0.4 | |
| ffmpeg | ffmpeg | 3.1 | |
| ffmpeg | ffmpeg | 3.1.1 | |
| ffmpeg | ffmpeg | 3.1.2 | |
| ffmpeg | ffmpeg | 3.1.3 | |
| ffmpeg | ffmpeg | 3.1.4 | |
| ffmpeg | ffmpeg | 3.1.5 | |
| ffmpeg | ffmpeg | 3.2 | |
| ffmpeg | ffmpeg | 3.2.1 | |
References
- http://www.openwall.com/lists/oss-security/2017/01/31/12
- http://www.openwall.com/lists/oss-security/2017/02/02/1
- http://www.securityfocus.com/bid/95991
- https://ffmpeg.org/security.html
- https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156
- https://security-tracker.debian.org/tracker/CVE-2016-10192
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.