SoylentNews is people
SoylentNews
Submitted via IRC for SoyCow1944
An attacker could remotely take full control over a computer system while playing untrusted videos with any version of VLC media player software prior to 3.0.7.
The hack is possible due to two high-risk security flaws (CVE-2019-5439, CVE-2019-12874) that could potentially lead to arbitrary code execution attacks. The company Videolan also addressed many other medium and low-severity security vulnerabilities in its software.
"A remote user can create some specially crafted avi or mkv files that, when loaded by the target user, will trigger a heap buffer overflow (read) in ReadFrame (demux/avi/avi.c), or a double free in zlib_decompress_extra() (demux/mkv/utils.cpp) respectively" reads the security advisory published by the company. "If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user."
Source: https://securityaffairs.co/wordpress/87433/breaking-news/vlc-player-flaws.html
(Score: 0) by Anonymous Coward on Wednesday June 26 2019, @12:03AM (6 children)
What kind of newspeak is that? Do we have Untrusted Textfiles or even some Untrusted ASCII character too?
(Score: 2) by JoeMerchant on Wednesday June 26 2019, @01:26AM (2 children)
>Do we have Untrusted Textfiles
Perhaps, but they generally don't have enough data to hide large malware in side channels, whereas everybody streaming Game of Thrones or whatever from pirate sites before it's aired... yeah, that qualifies as untrusted videos.
🌻🌻 [google.com]
(Score: 3, Touché) by PiMuNu on Wednesday June 26 2019, @04:51PM (1 child)
> > Do we have Untrusted Textfiles
>
> Perhaps, but they generally don't have enough data to hide large malware in side channels,
Vim:
https://www.techworm.net/2019/06/linux-vulnerability-vim-neovim-editor.html [techworm.net]
(Score: 2) by JoeMerchant on Wednesday June 26 2019, @08:06PM
VI: there's no accounting for people with brain damage.
🌻🌻 [google.com]
(Score: 5, Funny) by takyon on Wednesday June 26 2019, @01:28AM
I prefer "hot video payloads".
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 3, Insightful) by pkrasimirov on Wednesday June 26 2019, @11:17AM (1 child)
> Do we have Untrusted Textfiles
Yes. Perhaps you missed the news: https://soylentnews.org/article.pl?sid=19/06/12/1429257 [soylentnews.org] Note even if you use cat it will still be hidden.
> even some Untrusted ASCII character too?
Of course, only these days it's Unicode. For example 卐 is illegal in Germany.
On a more technical note: https://en.wikipedia.org/wiki/IDN_homograph_attack [wikipedia.org] You can also look up UTF decoding attacks.
(Score: 2) by darkfeline on Friday June 28 2019, @07:31AM
Data IS code. This fact is more obvious for Lispers, but any data that is processed is manipulating the execution of code. Even something as simple as a csv passed into a sed process that substitutes tabs for commas, the csv is controlling the execution of the sed process.
Thus, the question is always, is it possible for an input supplied to your eval to cause it to do something unintentional. The more complex or powerful your eval is, the harder it is to ensure that some input doesn't cause unwanted behavior. It turns out decoding video is nontrivial, so it's not surprising that a crafted video could cause unwanted behavior in a video player.
If you pass a text file into a shell (even a restricted shell), then there's a pretty high probability that the text file could Fuck Your Shit Up, as shells are complex and powerful. Passing that file to cat, it's probably okay since cat is simple. But then that data goes to your terminal, and it turns out that terminals are pretty complex with all of those control codes...
Join the SDF Public Access UNIX System today!