CVE-2018-19857: Infoleak
First published: Wed Dec 05 2018(Updated: )
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Videolan Vlc Media Player | =3.0.4 | |
| Debian Debian Linux | =9.0 | |
| ubuntu/vlc | <3.0.7.1-0ubuntu18.04.1 | 3.0.7.1-0ubuntu18.04.1 |
| ubuntu/vlc | <3.0.4-4 | 3.0.4-4 |
| debian/vlc | 3.0.17.4-0+deb10u1 3.0.20-0+deb10u1 3.0.20-0+deb11u1 3.0.20-0+deb12u1 3.0.20-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://dyntopia.com/advisories/013-vlc
- https://git.videolan.org/?p=vlc.git;a=commit;h=0cc5ea748ee5ff7705dde61ab15dff8f58be39d0
- http://www.securityfocus.com/bid/106130
- https://www.debian.org/security/2019/dsa-4366
- https://usn.ubuntu.com/4074-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html
- https://launchpad.net/bugs/cve/CVE-2018-19857
- https://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=0cc5ea748ee5ff7705dde61ab15dff8f58be39d0
- https://lists.debian.org/debian-security-announce/2018/msg00130.html)
- https://security-tracker.debian.org/tracker/CVE-2018-19857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19857
- https://ubuntu.com/security/notices/USN-4074-1
- https://nvd.nist.gov/vuln/detail/CVE-2018-19857
- https://ubuntu.com/security/CVE-2018-19857
Frequently Asked Questions
What is CVE-2018-19857?
CVE-2018-19857 is a vulnerability in the CAF demuxer in VideoLAN VLC media player 3.0.4 that may read memory from an uninitialized pointer when processing magic cookies in CAF files.
What is the severity of CVE-2018-19857?
The severity of CVE-2018-19857 is critical, with a severity value of 9.1.
Which software versions are affected by CVE-2018-19857?
The affected software versions include VLC media player 3.0.4 and Debian Linux 9.0.
How can I fix CVE-2018-19857?
To fix CVE-2018-19857, update your VLC media player to version 3.0.7.1-0ubuntu18.04.1 for Ubuntu Bionic, or version 3.0.4-4 for upstream Ubuntu, and update your Debian VLC package to one of the remedied versions: 3.0.17.4-0+deb10u1, 3.0.17.4-0+deb10u2, 3.0.18-0+deb11u1, 3.0.18-2, or 3.0.19-1.
Are there any references for CVE-2018-19857?
Yes, you can find more information about CVE-2018-19857 at the following links: - [OpenSUSE Security Announcement 2019-08](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html) - [OpenSUSE Security Announcement 2019-08](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html) - [OpenSUSE Security Announcement 2019-08](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html)
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- agent/severity
- agent/remedy
- agent/references
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- vendor/videolan
- canonical/videolan vlc media player
- version/videolan vlc media player/3.0.4
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- package-manager/ubuntu
- package-manager/debian