Vulnerability Name: CVE-2020-26682 (CCN-189933)

Assigned: 2020-09-26
Published: 2020-09-26
Updated: 2022-06-15
Summary: In libass 0.14.0, the call to `outline_stroke` from `ass_outline_construct` causes a signed integer overflow.
CVSS v3 Severity: 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): High
5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-190
Vulnerability Consequences: Denial of Service
References:

Source: MITRE
Type: CNA
CVE-2020-26682

Source: MLIST
Type: Exploit, Issue Tracking, Mailing List, Third Party Advisory
[oss-security] 20201119 Re: libass ass_outline.c signed integer overflow

Source: XF
Type: UNKNOWN
libass-cve202026682-dos(189933)

Source: CCN
Type: libass GIT Repository
Bug in ass_outline.c:1354: _Bool outline_stroke(ASS_Outline *, ASS_Outline *, const ASS_Outline *, int, int, int): Assertion `rad >= eps' failed. #431

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://github.com/libass/libass/issues/431

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://github.com/libass/libass/pull/432

Source: GENTOO
Type: Third Party Advisory
GLSA-202012-12

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:libass_project:libass:0.14.0:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:7920 | P | libass-devel-0.14.0-150000.3.11.1 on GA media (Moderate) | 2023-06-12 |
| oval:org.opensuse.security:def:3301 | P | memcached-1.4.39-4.6.1 on GA media (Moderate) | 2022-06-28 |
| oval:org.opensuse.security:def:94931 | P | libass-devel-0.14.0-3.9.1 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:94832 | P | squashfs-4.4-1.1 on GA media (Moderate) | 2022-06-22 |
| oval:org.opensuse.security:def:99223 | P | (Moderate) | 2022-03-09 |
| oval:org.opensuse.security:def:102246 | P | Security update for samba (Critical) | 2022-02-08 |
| oval:org.opensuse.security:def:1686 | P | Security update for xen (Important) | 2022-02-04 |
| oval:org.opensuse.security:def:101545 | P | Security update for ruby2.5 (Important) | 2021-12-01 |
| oval:org.opensuse.security:def:99421 | P | (Important) | 2021-10-15 |
| oval:org.opensuse.security:def:62775 | P | libass-devel-0.14.0-3.3.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:72494 | P | libass-devel-0.14.0-3.3.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:101181 | P | libass-devel-0.14.0-3.3.1 on GA media (Moderate) | 2021-08-09 |
| oval:org.opensuse.security:def:5985 | P | Security update for tar (Low) | 2021-03-29 |
| oval:org.opensuse.security:def:111289 | P | Security update for libass (Important) | 2021-03-25 |
| oval:org.opensuse.security:def:69614 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:10421 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:8724 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:99620 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:97335 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:93181 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:70561 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:9671 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:99028 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:92670 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:69811 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:117725 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:8917 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:99819 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:93334 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:92078 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:65276 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:9870 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:4187 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:92869 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:70010 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:74344 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:9112 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:100131 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:108211 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:92273 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:67074 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:10228 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:93028 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:70368 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:76142 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:9474 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:108912 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:95533 | P | Security update for libass (Important) | 2021-03-24 |
| oval:org.opensuse.security:def:92471 | P | Security update for libass (Important) | 2021-03-24 |
    libass_project libass 0.14.0