CVE-2016-7969 — Out-of-bounds Read in Libass

CWE-125 — Out-of-bounds Read9 documents7 sources

Severity

7.5HIGHNVD

EPSS

4.0%

top 11.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libass Project Libass Debian Libass Fedoraproject Fedora +2 more

Timeline

PublishedMar 3

Latest updateMay 13

Description

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages6 packages

▶debiandebian/libass< libass 0.13.4-1 (bookworm)

▶Debianlibass_project/libass< 0.13.4-1+3

▶Ubuntulibass_project/libass< 0.10.1-3ubuntu1+esm1+1

▶NVDlibass_project/libass0.13.3

▶NVDopensuse/leap42.1

Also affects: Fedora 23, 24, 25

Patches

Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-7r54-p742-5vp5: The wrap_lines_smart function in ass_render↗2022-05-13

▶

OSV

libass vulnerabilities↗2022-05-04

▶

OSV

CVE-2016-7969: The wrap_lines_smart function in ass_render↗2017-03-03

▶

CVEList

CVE-2016-7969: The wrap_lines_smart function in ass_render↗2017-03-03

▶

📋Vendor Advisories

Ubuntu

LibASS vulnerabilities↗2022-05-04

▶

Debian

CVE-2016-7969: libass - The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows rem...↗2016

▶

💬Community

Bugzilla

CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 libass: Multiple issues disclosed with 0.13.4 update [epel-all]↗2016-10-05

▶

Bugzilla

CVE-2016-7969 CVE-2016-7970 CVE-2016-7971 CVE-2016-7972 libass: Multiple issues disclosed with 0.13.4 update [fedora-all]↗2016-10-05

▶