Grip: CDDB response overflow — GLSA 200503-21

Grip contains a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code.

Affected packages

media-sound/grip on all architectures
Affected versions < 3.3.0
Unaffected versions >= 3.3.0

Background

Grip is a GTK+ based audio CD player/ripper.

Description

Joseph VanAndel has discovered a buffer overflow in Grip when processing large CDDB results.

Impact

A malicious CDDB server could cause Grip to crash by returning more than 16 matches, potentially allowing the execution of arbitrary code with the privileges of the user running the application.
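The overflow class described above, seen from the defensive side in an added example (not Grip's source code): a parser for a multi-match CDDB response body that caps stored entries at 16 and counts the excess instead of writing it. The struct and function names are hypothetical, the sample response is constructed, and the line layout (`categ discid title` per match, ended by a lone `.`) is assumed to be the standard CDDB multi-match form.

```c
/* Added example, not Grip's source; struct and function names are hypothetical. */
#include <stdio.h>
#include <string.h>

#define MAX_MATCHES 16   /* the limit named in the advisory */

struct match { char categ[32], discid[9], title[128]; };
struct match_list {
    struct match entries[MAX_MATCHES];
    int count, dropped;  /* matches stored / matches sent past the limit */
};

/* Body: one "categ discid title" line per match, ended by a lone ".".
 * Returns the number stored, or -1 if malformed or unterminated. Without the
 * MAX_MATCHES comparison, a 17th line would be written past entries[]. */
int parse_matches(const char *body, struct match_list *out)
{
    char line[256];
    out->count = out->dropped = 0;
    for (const char *p = body; *p; p += strspn(p, "\r\n")) {
        size_t len = strcspn(p, "\r\n");
        if (len == 1 && *p == '.') return out->count;  /* terminator reached */
        if (len >= sizeof line) return -1;             /* over-long line: reject */
        snprintf(line, sizeof line, "%.*s", (int)len, p);
        p += len;
        if (out->count >= MAX_MATCHES) {   /* cap the server-controlled count */
            out->dropped++;
            continue;
        }
        struct match *m = &out->entries[out->count];
        if (sscanf(line, "%31s %8s %127[^\n]", m->categ, m->discid, m->title) != 3)
            return -1;                     /* malformed match line */
        out->count++;
    }
    return -1;                             /* no terminating "." seen */
}

int main(void)
{
    char body[2048];                       /* constructed response: 20 matches */
    size_t off = 0;
    struct match_list ml;
    for (unsigned i = 0; i < 20; i++)
        off += snprintf(body + off, sizeof body - off, "rock %08x Artist / Album %u\r\n", i, i);
    snprintf(body + off, sizeof body - off, ".\r\n");
    int n = parse_matches(body, &ml);
    printf("stored=%d dropped=%d\n", n, ml.dropped);
    return 0;
}
```

A non-zero `dropped` value is worth logging, since a server returning more matches than the client can hold is the condition this advisory describes.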

Workaround

Disable automatic CDDB queries, but we highly encourage users to upgrade to 3.3.0.

Resolution

All Grip users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-sound/grip-3.3.0"

References

Release date
March 17, 2005

Latest revision
March 17, 2005: 01

Severity
normal

Exploitable
remote

Bugzilla entries