A vulnerability in a multimedia framework present on Version 12.04.5 of Ubuntu can be exploited by sound files meant to be played on the venerable Nintendo Entertainment System, according to security researcher Chris Evans.
The vulnerability is the result of a flaw in an audio decoder called libgstnsf.so, which allows gstreamer Version 0.10 to play the NSF files that the NES uses for music. NSF files, when played, use the host system’s hardware to create a virtualized version of the NES’ old 6502 processor and sound hardware in real time.
What the exploit does, in essence, is take advantage of the way NES cartridges used to handle switching between certain memory registers to run code on an unsuspecting Linux user’s desktop. (The sample exploit Evans provides uses the vulnerability to run Xcalc.)
Evans suggests that the exploit could theoretically be distributed via email attachment, drive-by download targeting Google Chrome, or by USB, though it’s unlikely to become a widespread threat.
Submitted by: Arnfried Walbrecht