DSA-5985-1 ffmpeg - security update

Bulletin has no description...

DEBIAN-CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

UBUNTU-CVE-2021-28429

Integer overflow vulnerability in avtimecodemakestring in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service DoS via crafted .mov file...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg Ffmpeg team. A denial of service vulnerability exists in FFmpeg version 4.2, which stems from a resource management error in fftools/cmdutils.c, and can be exploited by an attacker to cause a...

DEBIAN-CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

DEBIAN-CVE-2018-14394

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted Waveform audio file...

DEBIAN-CVE-2018-14395

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service application crash caused by a divide-by-zero error with a user crafted audio file when converting to the MOV audio format...

Unspecified vulnerability in Ffmpeg (CNVD-2017-20994)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...

DEBIAN-CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

CVE-2017-5051

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...

UBUNTU-CVE-2016-2328

libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...

UBUNTU-CVE-2015-6823

The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...