DSA-5985-1 ffmpeg - security update

Bulletin has no description...

The vulnerability of the demultiplexer for AVI files in the libavformat library of the Ffmpeg multimedia library allows a hacker to cause a service failure.

The vulnerability of the demultiplexer for AVI files in the libavformat library of the FFmpeg multimedia library is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

DEBIAN-CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

The vulnerability of the CAF decoder in the FFmpeg multimedia library allows a hacker to induce a service failure.

The vulnerability of the CAF decoder in the FFmpeg multimedia library is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the MMS multimedia library protocol in FFmpeg, related to reading data beyond the buffer’s allowed limits, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the MMS protocol in the FFmpeg multimedia library relates to reading data beyond the allowed buffer limits. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...

UBUNTU-CVE-2021-28429

Integer overflow vulnerability in avtimecodemakestring in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service DoS via crafted .mov file...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg Ffmpeg team. A denial of service vulnerability exists in FFmpeg version 4.2, which stems from a resource management error in fftools/cmdutils.c, and can be exploited by an attacker to cause a...

DEBIAN-CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

DEBIAN-CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

DEBIAN-CVE-2018-14395

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...

Unspecified vulnerability in Ffmpeg (CNVD-2017-20994)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...

DEBIAN-CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

CVE-2017-5051

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...

UBUNTU-CVE-2016-2328

libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...

UBUNTU-CVE-2015-6823

The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...

[SECURITY] Fedora 7 Update: xine-lib-1.1.10-1.fc7

This package contains the Xine library. Xine is a free multimedia player. It can play back various media. It also decodes multimedia files from local disk drives, and displays multimedia streamed over the Internet. It interprets many of the most common multimedia formats available - and some of t...