http://bugzilla.suse.com/show_bug.cgi?id=1001214 Bug ID: 1001214 Summary: VUL-0: CVE-2016-7499: divide-by-zero in sbr_make_f_master Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: mpluskal@suse.com Reporter: abergmann@suse.com QA Contact: qa-bugs@suse.de Found By: Security Response Team Blocker: --- http://seclists.org/oss-sec/2016/q3/585 https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_m... A fuzzing with an mp3 file as input discovered a divide-by-zero in sbr_make_f_master. AddressSanitizer: FPE on unknown address sbr_make_f_master libav-11.7/libavcodec/aacsbr.c:338:57 Use CVE-2016-7499. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7499 http://seclists.org/oss-sec/2016/q3/585 http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7499.html -- You are receiving this mail because: You are on the CC list for the bug.