15 matches found
EUVD-2018-7680
Malware in sbrugna...
Denial Of Service (DoS)
ffmpeg is vulnerable to denial of service. The flvwritepacket function in libavformat/flvenc.c does not check for an empty audio packet, leading to an assertion failure...
The vulnerability of the flv_write_packet function in the FFmpeg multimedia library, which stems from the lack of checks for empty audio packets, allows attackers to trigger a service failure.
The vulnerability of the flvwritepacket function in the FFmpeg multimedia library lies in the lack of checks to ensure that no empty audio packets are present. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
MGASA-2019-0223 Updated mythtv packages fix security issues
This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes at least the following issue: The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure CVE-2018-15822. It...
Updated mythtv packages fix security issues
This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes at least the following issue: The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failure CVE-2018-15822. It...
Debian DLA-1809-1 : libav security update
Two more security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2018-15822 The flvwritepacket function in libavformat/flvenc.c in libav did not check for an empty audio packet, leading to an assertion failure. CVE-2019-11338 libavcodec/hevcdec.c...
Security update for ffmpeg-4 (low)
openSUSE Security Update: Security update for ffmpeg-4 Announcement ID: openSUSE-SU-2019:1066-1 Rating: low References: 1092241 1100348 1105869 Cross-References: CVE-2018-13300 CVE-2018-15822 Affected Products: openSUSE Backports SLE-15 An update that solves two vulnerabilities and has one errata...
openSUSE Security Update : ffmpeg-4 (openSUSE-2019-691)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues : These security issues were fixed : - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2018:3609-1)
This update for ffmpeg fixes the following issues : CVE-2018-13300: An improper argument passed to the avprivrequestsample function may have triggered an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure bsc110034...
openSUSE Security Update : ffmpeg-4 (openSUSE-2018-1004)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues : These security issues were fixed : - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
CVE-2018-15822
The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...
CVE-2018-15822
CVE-2018-15822 affects FFmpeg/libav through 2.8 where flv_write_packet in libavformat/flvenc.c does not check for an empty audio packet, triggering an assertion failure. Multiple connected advisories (Debian DLA-1809, DSA-4449; USN-3967-1; Cloud Foundry/Ubuntu advisories) reference this CVE along...