Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • Adélie Package Tree Adélie Package Tree
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 384
    • Issues 384
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 20
    • Merge requests 20
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Releases
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Adélie Linux
  • Adélie Package TreeAdélie Package Tree
  • Issues
  • #279
Closed
Open
Created May 01, 2020 by Emily@emily🤖

user/vlc: multiple vulnerabilities

Bugzilla ID 279
Alias(es) CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080
Reporter Max Rees (sroracle)
Assignee Max Rees (sroracle)
Reported 2020-05-01 15:37:48 -0500
Modified 2020-05-10 10:53:39 -0500
Status RESOLVED INVALID
Version 1.0-RC1
Hardware Adélie Linux / All
Importance --- / normal

Description

CVE-2020-6073: https://nvd.nist.gov/vuln/detail/CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT
record-parsing functionality of Videolabs libmicrodns 0.1.0. When
parsing the RDATA section in a TXT record in mDNS messages, multiple
integer overflows can be triggered, leading to a denial of service. An
attacker can send an mDNS message to trigger this vulnerability.

CVE-2020-6071: https://nvd.nist.gov/vuln/detail/CVE-2020-6071

An exploitable denial-of-service vulnerability exists in the resource
record-parsing functionality of Videolabs libmicrodns 0.1.0. When
parsing compressed labels in mDNS messages, the compression pointer is
followed without checking for recursion, leading to a denial of
service. An attacker can send an mDNS message to trigger this
vulnerability.

CVE-2020-6072: https://nvd.nist.gov/vuln/detail/CVE-2020-6072

An exploitable code execution vulnerability exists in the label-
parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
compressed labels in mDNS messages, the rr_decode function's return
value is not checked, leading to a double free that could be exploited
to execute arbitrary code. An attacker can send an mDNS message to
trigger this vulnerability.

CVE-2020-6078: https://nvd.nist.gov/vuln/detail/CVE-2020-6078

An exploitable denial-of-service vulnerability exists in the message-
parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
mDNS messages in mdns_recv, the return value of the mdns_read_header
function is not checked, leading to an uninitialized variable usage
that eventually results in a null pointer dereference, leading to
service crash. An attacker can send a series of mDNS messages to
trigger this vulnerability.

CVE-2020-6080: https://nvd.nist.gov/vuln/detail/CVE-2020-6080

An exploitable denial-of-service vulnerability exists in the resource
allocation handling of Videolabs libmicrodns 0.1.0. When encountering
errors while parsing mDNS messages, some allocated data is not freed,
possibly leading to a denial-of-service condition via resource
exhaustion. An attacker can send one mDNS message repeatedly to
trigger this vulnerability through the function rr_read_RR [5] reads
the current resource record, except for the RDATA section. This is
read by the loop at in rr_read. For each RR type, a different function
is called. When the RR type is 0x10, the function rr_read_TXT is
called at [6].

CVE-2020-6079: https://nvd.nist.gov/vuln/detail/CVE-2020-6079

An exploitable denial-of-service vulnerability exists in the resource
allocation handling of Videolabs libmicrodns 0.1.0. When encountering
errors while parsing mDNS messages, some allocated data is not freed,
possibly leading to a denial-of-service condition via resource
exhaustion. An attacker can send one mDNS message repeatedly to
trigger this vulnerability through decoding of the domain name
performed by rr_decode.

CVE-2020-6077: https://nvd.nist.gov/vuln/detail/CVE-2020-6077

An exploitable denial-of-service vulnerability exists in the message-
parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
mDNS messages, the implementation does not properly keep track of the
available data in the message, possibly leading to an out-of-bounds
read that would result in a denial of service. An attacker can send an
mDNS message to trigger this vulnerability.

It does not appear to me that we are building the microdns module at
this time. However, in any case this is fixed in microdns >= 0.1.1 and
vlc >= 3.0.9.

https://github.com/videolabs/libmicrodns/releases/tag/0.1.1
https://www.videolan.org/developers/vlc-branch/NEWS

Assignee
Assign to
Time tracking