Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2023-50007

HistoryApr 19, 2024 - 5:15 p.m.

CVE-2023-50007

2024-04-1917:15:51

Debian Security Bug Tracker

security-tracker.debian.org

cve-2023-50007

ffmpeg

buffer overflow

arbitrary code execution

local attacker

theav_samples_set_silence

libavutil

unix

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via theav_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

OSVersionArchitecturePackageVersionFilename
Debian12allffmpeg<= 7:5.1.5-0+deb12u1ffmpeg_7:5.1.5-0+deb12u1_all.deb
Debian11allffmpeg< 7:4.3.6-0+deb11u1ffmpeg_7:4.3.6-0+deb11u1_all.deb
Debian10allffmpeg< 7:4.1.9-0+deb10u1ffmpeg_7:4.1.9-0+deb10u1_all.deb
Debian999allffmpeg<= 7:6.1.1-4ffmpeg_7:6.1.1-4_all.deb
Debian13allffmpeg<= 7:6.1.1-4ffmpeg_7:6.1.1-4_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	ffmpeg	<= 7:5.1.5-0+deb12u1	ffmpeg_7:5.1.5-0+deb12u1_all.deb
Debian	11	all	ffmpeg	< 7:4.3.6-0+deb11u1	ffmpeg_7:4.3.6-0+deb11u1_all.deb
Debian	10	all	ffmpeg	< 7:4.1.9-0+deb10u1	ffmpeg_7:4.1.9-0+deb10u1_all.deb
Debian	999	all	ffmpeg	<= 7:6.1.1-4	ffmpeg_7:6.1.1-4_all.deb
Debian	13	all	ffmpeg	<= 7:6.1.1-4	ffmpeg_7:6.1.1-4_all.deb