PT-2026-45963

These are all security issues fixed in the ffmpeg-4-4.4.7-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10931-1 ffmpeg-4-4.4.7-3.1 on GA media

These are all security issues fixed in the ffmpeg-4-4.4.7-3.1 package on the GA media of openSUSE Tumbleweed...

Security update for ffmpeg-4 (important)

openSUSE security update: security update for ffmpeg-4 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20855-1 Rating: important References: bsc1234030 bsc1237561 bsc1249393 bsc1249431 Cross-References: CVE-2024-35366 CVE-2024-35368 CVE-2024-36618...

Ubuntu 24.04 LTS : FFmpeg vulnerability (USN-8329-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8329-1 advisory. It was discovered that the FFmpeg CAF decoder incorrectly handled certain file size calculations. An attacker could possibly use this issue to cause FFmpeg to...

OPENSUSE-SU-2026:20855-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - Add check for the return value of avmallocarray to avoid potential NULL pointer dereference. CVE-2025-10256, bsc1249431 - Update to version 4.4.7: Codecs, filters and other various bugfixes aacenctns: clamp filter directi...

Advisory ROSA-SA-2026-3312

Software: ffmpeg 4.4.6 OS: ROSA-CHROME Unaffected versions: = ffmpeg-4.4.6-4 Affected versions: ffmpeg-4.4.6-4 CVE-ID: CVE-2026-40962 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...

ffmpeg-8-8.1.1-3.1 on GA media (moderate)

ffmpeg-8-8.1.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10890-1 Rating: moderate Cross-References: CVE-2025-10256 CVE-2025-1594 CVE-2025-9951 CVE-2026-30997 CVSS scores: CVE-2025-10256 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-10256 SUSE : 6.8...

NeuroLog: Reasoning You Can Audit -- Neuro-Symbolic Vulnerability Discovery Via LLM Facts, Datalog, and SMT

Vulnerability discovery on C/C++ source asks the analyst to choose between heavyweight static analysers, which need a working build before a single query runs, and free-form LLMs, which read source readily but invent details and lose track of cross-function dataflow on real codebases. We present...

OPENSUSE-SU-2026:10890-1 ffmpeg-8-8.1.1-3.1 on GA media

These are all security issues fixed in the ffmpeg-8-8.1.1-3.1 package on the GA media of openSUSE Tumbleweed...

USN-8329-1: FFmpeg vulnerability

It was discovered that the FFmpeg CAF decoder incorrectly handled certain file size calculations. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...

ffmpeg-7-7.1.4-2.1 on GA media (moderate)

ffmpeg-7-7.1.4-2.1 on GA media Announcement ID: openSUSE-SU-2026:10867-1 Rating: moderate Cross-References: CVE-2024-35366 CVE-2025-10256 CVE-2025-1594 CVE-2025-9951 CVSS scores: CVE-2024-35366 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35366 SUSE : 6.9...

ffmpeg-4-4.4.7-2.1 on GA media (moderate)

ffmpeg-4-4.4.7-2.1 on GA media Announcement ID: openSUSE-SU-2026:10866-1 Rating: moderate Cross-References: CVE-2024-35366 CVE-2025-10256 CVE-2025-1594 CVE-2025-9951 CVSS scores: CVE-2024-35366 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35366 SUSE : 6.9...

OPENSUSE-SU-2026:10866-1 ffmpeg-4-4.4.7-2.1 on GA media

These are all security issues fixed in the ffmpeg-4-4.4.7-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10867-1 ffmpeg-7-7.1.4-2.1 on GA media

These are all security issues fixed in the ffmpeg-7-7.1.4-2.1 package on the GA media of openSUSE Tumbleweed...

MGASA-2026-0153 Updated ffmpeg packages fix security vulnerabilities

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input. CVE-2026-30997 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC Common Encryption subsample data to...

Updated ffmpeg packages fix security vulnerabilities

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input. CVE-2026-30997 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC Common Encryption subsample data to...

PT-2026-50667

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 8.1.2 Description A heap out-of-bounds write issue exists in the MagicYUV decoder within the libavcodec library, specifically in the file libavcodec/magicyuv.C. The flaw, dubbed PixelSmash, is caused by a rounding...

Astra Linux – Vulnerability in ffmpeg

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from an assertion failure in src/libavutil/mathematics.c...

Astra Linux - уязвимость в ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/afafade.c within crossfadesamplesfltp. This vulnerability may lead to memory corruption and other potential issues...

Astra Linux - уязвимость в ffmpeg

A flaw was discovered in FFmpeg’s HLS playlist parsing. This vulnerability allows for a denial of service through a maliciously crafted HLS playlist, which triggers a null pointer dereference during initialization...