[SECURITY] [DSA 4998-1] ffmpeg security update

2021-10-3116:40:22

lists.debian.org

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

72.5%

JSON

Debian Security Advisory DSA-4998-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
October 31, 2021 https://www.debian.org/security/faq

Package : ffmpeg
CVE ID : CVE-2020-20446 CVE-2020-20450 CVE-2020-20453 CVE-2020-22037
CVE-2020-22042 CVE-2021-38114 CVE-2021-38171 CVE-2021-38291
CVE-2020-21697 CVE-2020-21688 CVE-2020-20445

Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (bullseye), these problems have been fixed in
version 7:4.3.3-0+deb11u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian11s390xlibavresample-dev< 7:4.3.3-0+deb11u1libavresample-dev_7:4.3.3-0+deb11u1_s390x.deb
Debian11i386libavresample4-dbgsym< 7:4.3.3-0+deb11u1libavresample4-dbgsym_7:4.3.3-0+deb11u1_i386.deb
Debian11mips64ellibavdevice58-dbgsym< 7:4.3.3-0+deb11u1libavdevice58-dbgsym_7:4.3.3-0+deb11u1_mips64el.deb
Debian9alllibav-tools< 7:3.2.16-1+deb9u1libav-tools_7:3.2.16-1+deb9u1_all.deb
Debian10mips64ellibpostproc55-dbgsym< 7:4.1.8-0+deb10u1libpostproc55-dbgsym_7:4.1.8-0+deb10u1_mips64el.deb
Debian11armellibswresample3-dbgsym< 7:4.3.3-0+deb11u1libswresample3-dbgsym_7:4.3.3-0+deb11u1_armel.deb
Debian9allffmpeg-doc< 7:3.2.16-1+deb9u1ffmpeg-doc_7:3.2.16-1+deb9u1_all.deb
Debian9arm64libavfilter-extra6< 7:3.2.16-1+deb9u1libavfilter-extra6_7:3.2.16-1+deb9u1_arm64.deb
Debian10armhflibswresample3< 7:4.1.8-0+deb10u1libswresample3_7:4.1.8-0+deb10u1_armhf.deb
Debian11i386libswresample-dev< 7:4.3.3-0+deb11u1libswresample-dev_7:4.3.3-0+deb11u1_i386.deb

OS	Version	Architecture	Package	Version	Filename
Debian	11	s390x	libavresample-dev	< 7:4.3.3-0+deb11u1	libavresample-dev_7:4.3.3-0+deb11u1_s390x.deb
Debian	11	i386	libavresample4-dbgsym	< 7:4.3.3-0+deb11u1	libavresample4-dbgsym_7:4.3.3-0+deb11u1_i386.deb
Debian	11	mips64el	libavdevice58-dbgsym	< 7:4.3.3-0+deb11u1	libavdevice58-dbgsym_7:4.3.3-0+deb11u1_mips64el.deb
Debian	9	all	libav-tools	< 7:3.2.16-1+deb9u1	libav-tools_7:3.2.16-1+deb9u1_all.deb
Debian	10	mips64el	libpostproc55-dbgsym	< 7:4.1.8-0+deb10u1	libpostproc55-dbgsym_7:4.1.8-0+deb10u1_mips64el.deb
Debian	11	armel	libswresample3-dbgsym	< 7:4.3.3-0+deb11u1	libswresample3-dbgsym_7:4.3.3-0+deb11u1_armel.deb
Debian	9	all	ffmpeg-doc	< 7:3.2.16-1+deb9u1	ffmpeg-doc_7:3.2.16-1+deb9u1_all.deb
Debian	9	arm64	libavfilter-extra6	< 7:3.2.16-1+deb9u1	libavfilter-extra6_7:3.2.16-1+deb9u1_arm64.deb
Debian	10	armhf	libswresample3	< 7:4.1.8-0+deb10u1	libswresample3_7:4.1.8-0+deb10u1_armhf.deb
Debian	11	i386	libswresample-dev	< 7:4.3.3-0+deb11u1	libswresample-dev_7:4.3.3-0+deb11u1_i386.deb