Описание
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ffmpeg | fixed | 7:7.0-1 | experimental | package |
| ffmpeg | fixed | 7:7.0.1-3 | package | |
| ffmpeg | postponed | bookworm | package | |
| ffmpeg | not-affected | bullseye | package | |
| ffmpeg | not-affected | buster | package |
Примечания
https://trac.ffmpeg.org/ticket/10691
Introduced after: https://github.com/FFmpeg/FFmpeg/commit/f05c52985cf80d565c6e91fb4749e57dd8977d3e (n5.1)
Fixed by https://github.com/ffmpeg/ffmpeg/commit/2d9ed64859c9887d0504cd71dbd5b2c15e14251a (n7.0)
EPSS
Связанные уязвимости
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Уязвимость компонента de_stereo (af_dialoguenhance.c) мультимедийной библиотеки FFmpeg, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS