1
0
forked from jengelh/ffmpeg-6

Add ffmpeg-6-CVE-2024-7055.patch:

Backporting 3faadbe2 from upstream, Use 64bit for input size check,
Fixes: out of array read, Fixes: poc3.
(CVE-2024-7055, bsc#1229026)
This commit is contained in:
Cliff Zhao 2024-09-17 10:57:33 +08:00
parent 943a1c7f2a
commit d2e63b1c36
5 changed files with 41 additions and 3 deletions

View File

@ -0,0 +1,29 @@
From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Thu, 18 Jul 2024 21:12:54 +0200
Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
References: CVE-2024-7055
References: bsc#1229026
Upstream: Backport from upstream
Fixes: out of array read
Fixes: poc3
Reported-by: VulDB CNA Team
Found-by: CookedMelon
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/pnmdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- ffmpeg-6.1.1/libavcodec/pnmdec.c
+++ ffmpeg-6.1.1_new/libavcodec/pnmdec.c
@@ -264,7 +264,7 @@
break;
case AV_PIX_FMT_GBRPF32:
if (!s->half) {
- if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
+ if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
return AVERROR_INVALIDDATA;
scale = 1.f / s->scale;
if (s->endian) {

Binary file not shown.

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Fri Sep 6 15:06:21 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-6-CVE-2024-7055.patch:
Backporting 3faadbe2 from upstream, Use 64bit for input size check,
Fixes: out of array read, Fixes: poc3.
(CVE-2024-7055, bsc#1229026)
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Sep 1 18:04:27 UTC 2024 - Jan Engelhardt <jengelh@inai.de> Sun Sep 1 18:04:27 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
@ -29,7 +37,7 @@ Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-6-CVE-2024-32230.patch: - Add ffmpeg-6-CVE-2024-32230.patch:
Backporting 96449cfe from upstream, Fix 1 line and one column images. Backporting 96449cfe from upstream, Fix 1 line and one column images.
(CVE-2024-32230 bsc#1227296) (CVE-2024-32230, bsc#1227296)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jul 2 11:57:01 UTC 2024 - Cliff Zhao <qzhao@suse.com> Tue Jul 2 11:57:01 UTC 2024 - Cliff Zhao <qzhao@suse.com>
@ -68,14 +76,14 @@ Thu Apr 23 14:05:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-CVE-2023-50008.patch: - Add ffmpeg-CVE-2023-50008.patch:
Backporting 5f87a68c from upstream, Fix memory leaks. Backporting 5f87a68c from upstream, Fix memory leaks.
(CVE-2023-50008 bsc#1223254) (CVE-2023-50008, bsc#1223254)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 23 12:22:53 UTC 2024 - Cliff Zhao <qzhao@suse.com> Thu Apr 23 12:22:53 UTC 2024 - Cliff Zhao <qzhao@suse.com>
- Add ffmpeg-CVE-2023-50007.patch: - Add ffmpeg-CVE-2023-50007.patch:
Backporting b1942734 from upstream, Fix crash with EOF handling. Backporting b1942734 from upstream, Fix crash with EOF handling.
(CVE-2023-50007 bsc#1223253) (CVE-2023-50007, bsc#1223253)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de> Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de>

View File

@ -124,6 +124,7 @@ Patch94: ffmpeg-6-CVE-2024-32228-shim-1535d338.patch
Patch95: ffmpeg-6-CVE-2024-32228-shim-f50382cb.patch Patch95: ffmpeg-6-CVE-2024-32228-shim-f50382cb.patch
Patch96: ffmpeg-6-CVE-2024-32230.patch Patch96: ffmpeg-6-CVE-2024-32230.patch
Patch97: ffmpeg-c99.patch Patch97: ffmpeg-c99.patch
Patch98: ffmpeg-6-CVE-2024-7055.patch
# #
# preamble is present twice, watch out # preamble is present twice, watch out
# #

Binary file not shown.