Unity Linux 20.1070e Security Update: ffmpeg (UTSA-2025-936110)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-936110 advisory. A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/getbits.h when writing .mov files, which might lead to memory corruption and other potential...

CVE-2016-8676

The getvlc2 function in getbits.h in Libav 11.9 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675...

CVE-2016-8676

The getvlc2 function in getbits.h in Libav 11.9 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675...

CVE-2016-8675

The getvlc2 function in getbits.h in Libav before 11.9 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted mp3 file, possibly related to startcode sequences during m4v detection...

CVE-2016-8675

CVE-2016-8675 affects Libav: the get_vlc2 function in get_bits.h is vulnerable in Libav versions before 11.9, allowing remote attackers to cause a denial of service via a crafted MP3 file, possibly related to startcode sequences during m4v detection. The issue is documented across multiple source...

CVE-2016-8676

CVE-2016-8676 affects Libav 11.9: the get_vlc2 function in get_bits.h can be triggered by a crafted MP3 to cause a denial-of-service via a NULL pointer dereference leading to a crash. This vulnerability is described as stemming from an incomplete fix for CVE-2016-8675. The connected documents con...

CVE-2016-8676

The getvlc2 function in getbits.h in Libav 11.9 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675...