CVE-2013-0899

Published: Feb 23, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet.

Affected (5)

Products: Opus Codec: Opus · Google: Chrome · Opensuse: Opensuse

1 product

1 product

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Opus Codec Opus	Before 1.0.2

Running on/with	Platform Versions
Google Chrome	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Google Chrome	Before 25.0.1364.97

Running on/with	Platform Versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Configuration C

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Google Chrome	Before 25.0.1364.99

Running on/with	Platform Versions
Apple Ipados	All versions
Apple Iphone Os	All versions
Apple Mac Os X	All versions
Apple Macos	All versions

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Opensuse	Version 12.1
Opensuse Opensuse	Version 12.2

Related CWEs

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (16)

http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html

Source: chrome-cve-admin@google.com

http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html

Source: chrome-cve-admin@google.com

http://opus-codec.org/downloads/

Source: chrome-cve-admin@google.com

https://code.google.com/p/chromium/issues/detail?id=160480

Source: chrome-cve-admin@google.com

https://codereview.chromium.org/11575026

Source: chrome-cve-admin@google.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16027

Source: chrome-cve-admin@google.com

https://src.chromium.org/viewvc/chrome/trunk/deps/third_party/opus/src/opus_decoder.c?r1=173498&r2=173497&pathrev=173498

Source: chrome-cve-admin@google.com

https://src.chromium.org/viewvc/chrome?view=rev&revision=173498

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://opus-codec.org/downloads/

Source: af854a3a-2127-422b-91ae-364da2661108

https://code.google.com/p/chromium/issues/detail?id=160480

Source: af854a3a-2127-422b-91ae-364da2661108

https://codereview.chromium.org/11575026

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16027

Source: af854a3a-2127-422b-91ae-364da2661108

https://src.chromium.org/viewvc/chrome/trunk/deps/third_party/opus/src/opus_decoder.c?r1=173498&r2=173497&pathrev=173498

Source: af854a3a-2127-422b-91ae-364da2661108

https://src.chromium.org/viewvc/chrome?view=rev&revision=173498

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.