
#463 CVE-2017-9412 unpack_read_samples function in frontend/get_audio.c invalid memory read and application crash

Compatibility
closed
None
5
2017-08-18
2017-07-29
Henri Salo
No

The unpack_read_samples function in frontend/get_audio.c in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file.

Following CVE is assigned for this issue: https://nvd.nist.gov/vuln/detail/CVE-2017-9411

Originally reported here http://seclists.org/fulldisclosure/2017/Jul/63 as the third issue.

PoC in http://seclists.org/fulldisclosure/2017/Jul/att-63/poc_zip.bin

Discussion

  • Henri Salo

    Henri Salo - 2017-07-29

    Following CVE is assigned for this issue: https://nvd.nist.gov/vuln/detail/CVE-2017-9412

    Sorry for typo in the post. Can't edit it.

     
  • Agostino Sarubbo

    I don't know if it was already reported, but it shouldn't get a cve.

     
  • Robert Hegemann

    Robert Hegemann - 2017-08-13
    • status: open --> closed
    • assigned_to: Robert Hegemann
     
  • Robert Hegemann

    Robert Hegemann - 2017-08-13

    Thanks, we get this addressed in version 3.100.

     
  • Agostino Sarubbo

    Hi, would be great to have version 3.100 released asap to make some tests again.

     
  • Robert Hegemann

    Robert Hegemann - 2017-08-16

    Well, if you browse the CVS repository and look into the module LAME, you can download a GNU tarball (link at the bottom). So you could make some tests even before we have an official 3.100 release.

     
  • Agostino Sarubbo

    You're right, but I'm using it from our package manager. A manual test implies more work and I can't right now.

     
  • Henri Salo

    Henri Salo - 2017-08-18

    Hi Robert,

    I am more than happy to help with the fuzzing. Currently running with four cores with speed of 500 executions per second. I will notify you when the fuzzing is done or if I find anything worth fixing. Have a great weekend.

     
