12 matches found
CVE-2019-17539
In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...
openSUSE: Security Advisory for ffmpeg (openSUSE-SU-2021:2322-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15: ffmpeg / libavcodec-devel / libavcodec57 / libavdevice57 / etc (SUSE-SU-2021:2322-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2322-1 advisory. - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file bsc1172640. - CVE-2020-21041: Fixed buffer overfl...
Debian DLA-2537-1 : ffmpeg security update
Two vulnerabilities have been discovered in ffmpeg, a widely used multimedia framework. CVE-2019-17539 a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer CVE-2020-35965 an out-of-bounds write because of errors in calculations of when to...
USN-4431-1: FFmpeg vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : FFmpeg vulnerabilities (USN-4431-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4431-1 advisory. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to...
USN-4431-1: FFmpeg vulnerabilities
It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...
Debian DSA-4722-1 : ffmpeg - security update
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
[SECURITY] [DSA 4722-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4722-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 08, 2020 https://www.debian.org/security/faq -...
MGASA-2020-0046 Updated ffmpeg packages fix security vulnerabilities
Updated ffmpeg packages fix security vulnerabilities: This update provides ffmpeg version 4.1.5, which fixes several bugs, and atleasst the follwing security vulnerabilities: In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other...
Updated ffmpeg packages fix security vulnerabilities
Updated ffmpeg packages fix security vulnerabilities: This update provides ffmpeg version 4.1.5, which fixes several bugs, and atleasst the follwing security vulnerabilities: In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other...
CVE-2019-17539
CVE-2019-17539 affects FFmpeg prior to 4.2, where avcodec_open2 in libavcodec/utils.c dereferences a NULL close function pointer, leading to a NULL pointer dereference and possibly unspecified other impact. Affected software is FFmpeg’s libavcodec component; root cause is a NULL pointer dereferen...