Security vulnerability: attack via metadata in FLAC files


  • #1966
    Anonymous
    Inactive

    Here’s some interesting reading on vulnerabilities in some software that reads FLAC files. They all are variations on the theme of creating a FLAC file with special metadata values that cause heap overflows etc.

    http://research.eeye.com/html/advisories/published/AD20071115.html

    It looks to me like this is a different vulnerability than the two mentioned on the Downloads page as already fixed:

    • CVE-2007-5824 (DoS)
    • CVE-2007-5825 (Format string vulnerability)

    The report says that “libFLAC version 1.2.1 was released in September, 2007, fixing these vulnerabilities”. I haven’t been able to find information about whether a fix is in the current builds of Firefly.

    #14639
    rpedde
    Participant

    @Jim DeLaHunt wrote:

    Here’s some interesting reading on vulnerabilities in some software that reads FLAC files. They all are variations on the theme of creating a FLAC file with special metadata values that cause heap overflows etc.

    http://research.eeye.com/html/advisories/published/AD20071115.html

    It looks to me like this is a different vulnerability than the two mentioned on the Downloads page as already fixed:

    • CVE-2007-5824 (DoS)
    • CVE-2007-5825 (Format string vulnerability)

    The report says that “libFLAC version 1.2.1 was released in September, 2007, fixing these vulnerabilities”. I haven’t been able to find information about whether a fix is in the current builds of Firefly.

    It’s not. I had seen the advisory, but hadn’t seen what the fixes are.

    The stables don’t do flac, so they are safe. It’s nightlies that are vulnerable.

    Right now, my tree doesn’t even *compile*, so it will probably be the weekend before I can get a new nightly out with fixes.

    But I did see it, and anticipate releasing a fix for it. Workaround is to not scan flac files, obviously.

    — Ron

    #14640
    blamm
    Participant

    Or only scan your own.
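
An added illustration, not part of the thread and not Firefly or libFLAC code: a pre-scan check that walks a FLAC file's metadata block headers and rejects any declared length larger than the bytes actually present, before the file reaches a tag parser. The function and enum names are this example's own; it checks container-level lengths only and is not a substitute for the libFLAC 1.2.1 fixes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes; these names belong to this example, not to libFLAC. */
enum flac_check { FLAC_OK, FLAC_BAD_MAGIC, FLAC_TRUNCATED,
                  FLAC_BAD_LENGTH, FLAC_BAD_STREAMINFO };

/* Walk the metadata block headers in buf[0..len). Each header is one byte
 * (bit 7 = last-block flag, bits 0-6 = type) plus a 24-bit big-endian payload
 * length. Nothing is copied: lengths are only compared to bytes present. */
enum flac_check flac_check_metadata(const uint8_t *buf, size_t len,
                                    unsigned *blocks)
{
    size_t off = 4;                       /* invariant: off <= len */
    *blocks = 0;
    if (len < 4 || memcmp(buf, "fLaC", 4) != 0)
        return FLAC_BAD_MAGIC;
    for (;;) {
        if (len - off < 4)
            return FLAC_TRUNCATED;        /* header cut off, or no last block */
        int last = buf[off] >> 7;
        unsigned type = buf[off] & 0x7f;
        size_t blen = ((size_t)buf[off + 1] << 16) |
                      ((size_t)buf[off + 2] << 8) | buf[off + 3];
        off += 4;
        if (*blocks == 0 && (type != 0 || blen != 34))
            return FLAC_BAD_STREAMINFO;   /* first block must be STREAMINFO */
        if (blen > len - off)
            return FLAC_BAD_LENGTH;       /* payload would run past the file */
        off += blen;
        (*blocks)++;
        if (last) return FLAC_OK;
    }
}

/* Constructed samples: a minimal well-formed header, and one whose second
 * block (type 4, VORBIS_COMMENT) declares 0xFFFFFF bytes but carries 8. */
const uint8_t sample_ok[42]  = { 'f','L','a','C', 0x80, 0, 0, 34 };
const uint8_t sample_bad[54] = { 'f','L','a','C', 0x00, 0, 0, 34,
                                 [42] = 0x84, 0xff, 0xff, 0xff };

int main(void)
{
    unsigned n;
    printf("ok:  %d\n", flac_check_metadata(sample_ok, sizeof sample_ok, &n));
    printf("bad: %d\n", flac_check_metadata(sample_bad, sizeof sample_bad, &n));
    return 0;
}
```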
