ALT-BU-2022-5225-1
Branch sisyphus update bulletin.
Package gstreamer1.0 updated to version 1.20.3-alt1 for branch sisyphus in task 302181.
Closed vulnerabilities
BDU:2022-06448
Уязвимость функции gst_matroska_decompress_data мультимедийного фреймворка Gstreamer, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2022-06449
Уязвимость функции gst_avi_demux_invert мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код
BDU:2022-06450
Уязвимость функции gst_matroska_demux_add_wvpk_header мультимедийного фреймворка Gstreamer, позволяющая нарушителю выполнить произвольный код
BDU:2022-06453
Уязвимость функции qtdemux_inflate мультимедийного фреймворка Gstreamer, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2022-06462
Уязвимость функции gst_matroska_decompress_data мультимедийного фреймворка Gstreamer, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2022-1920
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1226
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-1921
Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1224
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-1922
DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-1923
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-1924
DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-1925
DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Modified: 2024-11-21
CVE-2022-2122
DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite.
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/1225
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- [debian-lts-announce] 20220809 [SECURITY] [DLA 3069-1] gst-plugins-good1.0 security update
- DSA-5204
- DSA-5204
Closed vulnerabilities
BDU:2022-01641
Уязвимость библиотеки zlib, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2025-03-28
CVE-2018-25032
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- 20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- [oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://github.com/madler/zlib/compare/v1.2.11...v1.2.12
- https://github.com/madler/zlib/issues/605
- https://github.com/madler/zlib/issues/605
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- [debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- [debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update
- FEDORA-2022-b58a85e167
- FEDORA-2022-b58a85e167
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-3a92250fd5
- FEDORA-2022-3a92250fd5
- FEDORA-2022-413a80a102
- FEDORA-2022-413a80a102
- FEDORA-2022-12b89e2aad
- FEDORA-2022-12b89e2aad
- FEDORA-2022-dbd2935e44
- FEDORA-2022-dbd2935e44
- GLSA-202210-42
- GLSA-202210-42
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://security.netapp.com/advisory/ntap-20220526-0009/
- https://security.netapp.com/advisory/ntap-20220729-0004/
- https://security.netapp.com/advisory/ntap-20220729-0004/
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213257
- DSA-5111
- DSA-5111
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://www.openwall.com/lists/oss-security/2022/03/28/1
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://www.openwall.com/lists/oss-security/2022/03/28/3
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html