You are here: Home » Reply » Reply To: Security vulnerability: attack via metadata in FLAC files

Reply To: Security vulnerability: attack via metadata in FLAC files

#14639
rpedde
Participant

@Jim DeLaHunt wrote:

Here’s some interesting reading on vulnerabilities in some software that reads FLAC files. They all are variations on the theme of creating a FLAC file with special metadata values that cause heap overflows etc.

http://research.eeye.com/html/advisories/published/AD20071115.html

It looks to me like this is a different vulnerability than the two mentioned on the Downloads page as already fixed:

  • CVE-2007-5824 (DoS)
  • CVE-2007-5825 (Format string vulnerability)

The report says that “libFLAC version 1.2.1 was released in September, 2007, fixing these vulnerabilities”. I haven’t been able to find information about whether a fix is in the current builds of Firefly.

It’s not. I had seen the advisory, but hadn’t seen what the fixes are.

The stables dont’ do flac, so they are safe. It’s nightlies that are vulnerable.

Right now, my tree doesn’t even *compile*, so it will probably be the weekend before I can get a new nightly out with fixes.

But I did see it, and anticipate releasing a fix for it. Workaround is to not scan flac files, obviously.

— Ron