Описание
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ffmpeg | fixed | 7:7.0-1 | experimental | package |
| ffmpeg | fixed | 7:7.0.1-3 | package | |
| ffmpeg | not-affected | bullseye | package | |
| ffmpeg | not-affected | buster | package |
Примечания
Fixed by https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2 (n7.0)
Fixed by https://github.com/ffmpeg/ffmpeg/commit/785a6df0e477f408c3e939a043b8608acf071964 (n5.1.7)
EPSS
Связанные уязвимости
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
Уязвимость компонента libavfilter/vf_codecview.c мультимедийной библиотеки FFmpeg, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS