
https://threatpost.com/high-risk-vlc-media-player-bugs/147503/ shows attacks with carefully crafted video files.

Can I protect my local users against this?

I imagine the attack will abuse the file format, so my hope is that I could ask my users to download the file into a checking dir, then run some sort of checker or repair tool on it to make sure it was OK. Possibly some ffmpeg magic? Would ffmpeg copy be enough?

Ole Tange
  • *"... protect my users ..."* - The actual use case is unclear to me. Are you providing a video upload site, are you protecting a company network, are you protecting a video processing company, are you protecting a home network ... – Steffen Ullrich Mar 13 '21 at 07:37
  • @SteffenUllrich It is protecting my local users (it is not a video upload site). We can assume that my users will download a video in dir A and press the "Verify this video" button somehow, and only play the video if it is OK. – Ole Tange Mar 13 '21 at 14:02
  • *"We can assume that my users will download a video in dir A and press the "Verify this video" button somehow, and only play the video if it is OK"* - this does not really match what you say about "repair" in your question, because repairing would require the user to also download the repaired version. In general the security problems with videos come from bugs in the application, usually by expecting the file format to be in a specific way but not actually verifying it. New bugs like this can crop up all the time. Re-encoding with ffmpeg or similar usually implicitly sanitizes files. – Steffen Ullrich Mar 13 '21 at 14:10
  • @SteffenUllrich The users will play it from that directory. Think shared NFS dir. And please do not focus on the users. I will deal with those. Is it possible to ask `ffmpeg` to recode as the same format without quality loss? – Ole Tange Mar 13 '21 at 14:36
  • ffmpeg can copy the original codecs, but this would then only protect against bugs in the media container (like MP4) and not the media itself. Converting from one lossy codec to another lossy codec will always be lossy. Whether this actually impacts the perceived quality depends on the specific codecs and settings used. – Steffen Ullrich Mar 13 '21 at 16:03
  • The proposed solution of re-encoding the video looks reasonable, and as Steffen mentions you will have the same quality on the video. – camp0 Mar 13 '21 at 16:46

0 Answers
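The distinction drawn in the comments above (an ffmpeg stream copy rebuilds only the container, while a re-encode also rebuilds the media streams) as an added shell example; it is not code from the question or its comments. The function names, Matroska output, libx264/AAC encoders, CRF and bitrate values, and the CPU limit are assumptions.

```shell
#!/bin/sh
# Added example. Assumed, not from the page: function names, Matroska output,
# libx264/AAC encoders, CRF 18, 192k audio, and the 600 s CPU limit.
FFMPEG=${FFMPEG:-ffmpeg}

# copy     = remux: rebuilds the container, codec bitstreams pass through as-is
# reencode = decode and encode again: rebuilds container and media streams (lossy)
codec_args() {
    case "$1" in
        copy)     printf '%s\n' "-c copy" ;;
        reencode) printf '%s\n' "-c:v libx264 -crf 18 -preset medium -c:a aac -b:a 192k" ;;
        *)        return 1 ;;
    esac
}

# sanitize_video MODE INPUT OUTDIR -> prints the path of the cleaned file
sanitize_video() (
    mode=$1; src=$2; outdir=$3
    args=$(codec_args "$mode") || { echo "unknown mode: $mode" >&2; exit 2; }
    [ -f "$src" ] && [ -d "$outdir" ] || { echo "bad input or output dir" >&2; exit 2; }
    base=$(basename -- "$src")
    tmp="$outdir/.partial.$$.mkv"
    out="$outdir/${base%.*}.clean.mkv"
    # Best-effort CPU bound in case a crafted file makes the decoder spin.
    ulimit -t 600 2>/dev/null || true
    # "file:" keeps odd file names from being parsed as protocol URLs.
    # Keep the first video and (if present) first audio stream; drop subtitles,
    # data streams, metadata and chapters. $args is unquoted on purpose.
    if "$FFMPEG" -nostdin -v error -y -i "file:$src" \
        -map 0:v:0 -map '0:a:0?' -sn -dn -map_metadata -1 -map_chapters -1 \
        $args -f matroska "file:$tmp"
    then
        # Publish only complete output, so players never see a partial file.
        mv -- "$tmp" "$out" && printf '%s\n' "$out"
    else
        rm -f -- "$tmp"
        echo "rejected: ffmpeg could not process $src" >&2
        exit 1
    fi
)

# Usage: sanitize.sh reencode /srv/check/video.mp4 /srv/clean
if [ "$#" -ge 3 ]; then sanitize_video "$1" "$2" "$3"; fi
```

ffmpeg itself parses the untrusted file here, so run this under an unprivileged account or on an isolated host, and keep ffmpeg patched.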