dr_libs Uncontrolled Memory Allocation Vulnerability in FLAC Metadata Processing
Vulnerability
An uncontrolled memory allocation vulnerability has been identified in dr_libs versions through 0.13.3. The issue is in the function drflac__read_and_decode_metadata(), which processes PICTURE metadata blocks. An attacker can craft a FLAC stream whose PICTURE block carries manipulated mimeLength and descriptionLength fields, leading to excessive memory allocation. The result is a denial-of-service condition through memory exhaustion, particularly when FLAC streams are handled with metadata callbacks.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to exhaust available memory resources and potentially terminate prematurely.
Reproduction
The vulnerability can be reproduced by using a crafted FLAC file that includes PICTURE metadata blocks with manipulated mimeLength and descriptionLength values. This can be done by using a FLAC fuzzer to generate a file that triggers the vulnerability, or by manually creating a FLAC file with the appropriate metadata. The vulnerable function can be called directly from a C program, bypassing the need for a fuzzer.
Remediation
Users are advised to update to dr_libs version 0.13.4 or later, where this vulnerability has been addressed.
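For code that parses PICTURE blocks itself, the defensive pattern is to compare mimeLength and descriptionLength with the bytes remaining in the block before anything is allocated. The following C code is an added example, not dr_libs code and not the change made in 0.13.4; the function and struct names are hypothetical, and the sample blocks are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Lengths read from a PICTURE block after validation (hypothetical struct). */
typedef struct { uint32_t type, mime_len, desc_len; } picture_lengths;

/* FLAC metadata fields are stored big-endian. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Read one 32-bit field at *off; fails if fewer than 4 bytes remain. */
static int take_u32(const uint8_t *b, size_t n, size_t *off, uint32_t *out) {
    if (n - *off < 4) return 0;
    *out = be32(b + *off);
    *off += 4;
    return 1;
}

/* Validate mimeLength and descriptionLength against the bytes actually present
 * in the block. Returns 0 on success, -1 if a field overruns the block.
 * A caller allocates only after this returns 0. */
int picture_check_lengths(const uint8_t *block, size_t block_size, picture_lengths *out) {
    size_t off = 0;
    if (!take_u32(block, block_size, &off, &out->type)) return -1;
    if (!take_u32(block, block_size, &off, &out->mime_len)) return -1;
    if (out->mime_len > block_size - off) return -1;  /* compare to remainder, no addition */
    off += out->mime_len;
    if (!take_u32(block, block_size, &off, &out->desc_len)) return -1;
    if (out->desc_len > block_size - off) return -1;
    return 0;
}

/* Constructed sample: type 3, MIME "image/png", empty description. */
static const uint8_t good_block[] = {
    0,0,0,3, 0,0,0,9, 'i','m','a','g','e','/','p','n','g', 0,0,0,0 };
/* Constructed sample: same bytes, but mimeLength claims 0xFFFFFFFF. */
static const uint8_t bad_block[] = {
    0,0,0,3, 0xFF,0xFF,0xFF,0xFF, 'i','m','a','g','e','/','p','n','g', 0,0,0,0 };

int main(void) {
    picture_lengths l;
    printf("good: %d\n", picture_check_lengths(good_block, sizeof good_block, &l));
    printf("bad:  %d\n", picture_check_lengths(bad_block, sizeof bad_block, &l));
    return 0;
}
```

Comparing each length with `block_size - off` rather than computing `off + length` keeps the check free of integer wraparound on platforms where size_t is 32 bits.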
