Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
gstreamer-plugins-bad.31547
gstreamer-plugins-bad-CVE-2023-40476.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gstreamer-plugins-bad-CVE-2023-40476.patch of Package gstreamer-plugins-bad.31547
Author: Nicolas Dufresne <nicolas.dufresne@collabora.com> Date: Wed Aug 9 12:49:19 2023 -0400 h265parser: Fix possible overflow using max_sub_layers_minus1 This fixes a possible overflow that can be triggered by an invalid value of max_sub_layers_minus1 being set in the bitstream. The bitstream uses 3 bits, but the allowed range is 0 to 6 only. Fixes ZDI-CAN-21768, CVE-2023-40476 Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2895 Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5364> diff -Nura gst-plugins-bad-1.20.1/gst-libs/gst/codecparsers/gsth265parser.c gst-plugins-bad-1.20.1_new/gst-libs/gst/codecparsers/gsth265parser.c --- gst-plugins-bad-1.20.1/gst-libs/gst/codecparsers/gsth265parser.c 2022-03-14 19:33:40.000000000 +0800 +++ gst-plugins-bad-1.20.1_new/gst-libs/gst/codecparsers/gsth265parser.c 2023-10-31 16:09:58.934484730 +0800 @@ -1670,6 +1670,7 @@ READ_UINT8 (&nr, vps->max_layers_minus1, 6); READ_UINT8 (&nr, vps->max_sub_layers_minus1, 3); + CHECK_ALLOWED (vps->max_sub_layers_minus1, 0, 6); READ_UINT8 (&nr, vps->temporal_id_nesting_flag, 1); /* skip reserved_0xffff_16bits */ @@ -1848,6 +1849,7 @@ sps->vps = vps; READ_UINT8 (&nr, sps->max_sub_layers_minus1, 3); + CHECK_ALLOWED (sps->max_sub_layers_minus1, 0, 6); READ_UINT8 (&nr, sps->temporal_id_nesting_flag, 1); if (!gst_h265_parse_profile_tier_level (&sps->profile_tier_level, &nr,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
