Ubuntu Update for Linux kernel vulnerabilities USN-1478-1

Please Install the Updated Packages.

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.10. (CVE-2011-3929, CVE-2011-3936) Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed NSV files. If a user were tricked into opening a crafted NSV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3940) Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed Kega Game Video (KGV1) files. If a user were tricked into opening a crafted Kega Game Video (KGV1) file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3945) Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed MJPEG-B files. If a user were tricked into opening a crafted MJPEG-B file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3947) Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DPCM files. If a user were tricked into opening a crafted DPCM file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3951) Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed KMVC files. If a user were tricked into opening a crafted KMVC file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 11.04 and Ubuntu 11.10. (CVE-2011-3952) Jeong Wook Oh discovered that Libav incorrectly handled certain malformed ASF files. If a user were tricked into ... Description truncated, for more information please check the Reference URL

libav on Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 11.04

• https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-June/001725.html

---

Updated on 2015-03-25