CVE-2022-1475

Опубликовано: 02 мая 2022

Источник: debian

Описание

An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ffmpeg	fixed	7:4.4.2-1		package
ffmpeg	not-affected		buster	package
ffmpeg	not-affected		stretch	package

Примечания

https://trac.ffmpeg.org/ticket/9651
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=757da974b21833529cc41bdcc9684c29660cdfa8
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e9e2ddbc6c78cc18b76093617f82c920e58a8d1f (n4.4.2)
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fa2e4afe8d0a23fac37392ef6506cfc9841f8d3d (n4.3.4)

Связанные уязвимости

CVE-2022-1475

CVSS3: 5.5

ubuntu

почти 4 года назад

An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.

CVE-2022-1475

CVSS3: 5.5

nvd

почти 4 года назад

An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.

GHSA-gcqf-mvg9-pf79

CVSS3: 5.5

github

почти 4 года назад

An integer overflow vulnerability was found in FFmpeg 5.0.1 and in previous versions in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.

SUSE-SU-2025:02352-1

suse-cvrf

7 месяцев назад

Security update for ffmpeg