Launchpad.net

CVE 2016-9445

Integer overflow in the vmnc decoder in the gstreamer allows remote attackers to cause a denial of service (crash) via large width and height values, which triggers a buffer overflow.

Related bugs and status

CVE-2016-9445 (Candidate) is related to these bugs:

Bug #1619600: [SRU] New stable release 1.8.3

		In	Importance	Status
1619600	[SRU] New stable release 1.8.3	gstreamer1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-libav1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-bad1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-base1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-good1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-ugly1.0 (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gstreamer-vaapi (Ubuntu)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-libav1.0 (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-bad1.0 (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-base1.0 (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-good1.0 (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gst-plugins-ugly1.0 (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gstreamer-vaapi (Ubuntu Xenial)	Undecided	Fix Released
1619600	[SRU] New stable release 1.8.3	gstreamer1.0 (Ubuntu Xenial)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-9445

Related bugs and status

Related bugs

References