** Summary changed:

- Plugin "SNES-SPC700 Sound File Data decoder" in gstreamer1.0-plugins-bad may have security vulnerability
+ Arbitrary code execution via malformed SPC music file

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to game-music-emu in Ubuntu.
https://bugs.launchpad.net/bugs/1650523

Title:
  Arbitrary code execution via malformed SPC music file

Status in game-music-emu package in Ubuntu:
  Fix Released
Status in game-music-emu package in Debian:
  Fix Released

Bug description:
  Steps:
  1. Ubuntu 16.04.1 LTS
  2. Trying to play xcalc_ubuntu_16.04_libc_2.23-0ubuntu3.spc file from this blog post ( https://scarybeastsecurity.blogspot.ru/2016/12/redux-compromising-linux-using-snes.html ) and this video ( https://www.youtube.com/watch?v=wrCLoem6ggM ).
  3. Totem found required plugin for playing "SNES-SPC700 Sound File Data decoder" which is in gstreamer1.0-plugins-bad.
  4. xcalc is not launched on music play or by Nautilus launch.

  Ubuntu security team, please read blog post (see above link) and
  confirm (and fix) or refute zero-day vulnerability.

  
  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: gstreamer1.0-plugins-bad 1.8.2-1ubuntu0.2
  ProcVersionSignature: Ubuntu 4.4.0-31.50-generic 4.4.13
  Uname: Linux 4.4.0-31-generic i686
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: i386
  CasperVersion: 1.376
  CurrentDesktop: Unity
  Date: Fri Dec 16 12:03:27 2016
  LiveMediaBuild: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release i386 (20160719)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: gst-plugins-bad1.0
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/game-music-emu/+bug/1650523/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
