Описание
Security update for ffmpeg
This update for ffmpeg fixes the following issues:
- CVE-2022-1475: Fixed integer overflow in g729_parse() in llibavcodec/g729_parser.c (bsc#1198898).
- CVE-2024-36616: Fixed integer overflow in the component libavformat/westwood_vqa.c (bsc#1234018).
- CVE-2024-36617: Fixed integer overflow vulnerability in the FFmpeg CAF decoder (bsc#1234019).
- CVE-2024-36618: Fixed vulnerability in the AVI demuxer of the libavformat library (bsc#1234020).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
libavcodec57-3.4.2-150200.11.64.1
libavutil-devel-3.4.2-150200.11.64.1
libavutil55-3.4.2-150200.11.64.1
libpostproc-devel-3.4.2-150200.11.64.1
libpostproc54-3.4.2-150200.11.64.1
libswresample-devel-3.4.2-150200.11.64.1
libswresample2-3.4.2-150200.11.64.1
libswscale-devel-3.4.2-150200.11.64.1
libswscale4-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP7
libavcodec57-3.4.2-150200.11.64.1
libavutil-devel-3.4.2-150200.11.64.1
libavutil55-3.4.2-150200.11.64.1
libpostproc-devel-3.4.2-150200.11.64.1
libpostproc54-3.4.2-150200.11.64.1
libswresample-devel-3.4.2-150200.11.64.1
libswresample2-3.4.2-150200.11.64.1
libswscale-devel-3.4.2-150200.11.64.1
libswscale4-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
ffmpeg-3.4.2-150200.11.64.1
libavdevice57-3.4.2-150200.11.64.1
libavfilter6-3.4.2-150200.11.64.1
libavformat57-3.4.2-150200.11.64.1
libavresample3-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
ffmpeg-3.4.2-150200.11.64.1
libavdevice57-3.4.2-150200.11.64.1
libavfilter6-3.4.2-150200.11.64.1
libavformat57-3.4.2-150200.11.64.1
libavresample3-3.4.2-150200.11.64.1
SUSE Linux Enterprise Workstation Extension 15 SP6
libavcodec-devel-3.4.2-150200.11.64.1
libavformat-devel-3.4.2-150200.11.64.1
libavformat57-3.4.2-150200.11.64.1
libavresample-devel-3.4.2-150200.11.64.1
libavresample3-3.4.2-150200.11.64.1
SUSE Linux Enterprise Workstation Extension 15 SP7
libavcodec-devel-3.4.2-150200.11.64.1
libavformat-devel-3.4.2-150200.11.64.1
libavformat57-3.4.2-150200.11.64.1
libavresample-devel-3.4.2-150200.11.64.1
libavresample3-3.4.2-150200.11.64.1
openSUSE Leap 15.6
ffmpeg-3.4.2-150200.11.64.1
ffmpeg-private-devel-3.4.2-150200.11.64.1
libavcodec-devel-3.4.2-150200.11.64.1
libavcodec57-3.4.2-150200.11.64.1
libavcodec57-32bit-3.4.2-150200.11.64.1
libavdevice-devel-3.4.2-150200.11.64.1
libavdevice57-3.4.2-150200.11.64.1
libavdevice57-32bit-3.4.2-150200.11.64.1
libavfilter-devel-3.4.2-150200.11.64.1
libavfilter6-3.4.2-150200.11.64.1
libavfilter6-32bit-3.4.2-150200.11.64.1
libavformat-devel-3.4.2-150200.11.64.1
libavformat57-3.4.2-150200.11.64.1
libavformat57-32bit-3.4.2-150200.11.64.1
libavresample-devel-3.4.2-150200.11.64.1
libavresample3-3.4.2-150200.11.64.1
libavresample3-32bit-3.4.2-150200.11.64.1
libavutil-devel-3.4.2-150200.11.64.1
libavutil55-3.4.2-150200.11.64.1
libavutil55-32bit-3.4.2-150200.11.64.1
libpostproc-devel-3.4.2-150200.11.64.1
libpostproc54-3.4.2-150200.11.64.1
libpostproc54-32bit-3.4.2-150200.11.64.1
libswresample-devel-3.4.2-150200.11.64.1
libswresample2-3.4.2-150200.11.64.1
libswresample2-32bit-3.4.2-150200.11.64.1
libswscale-devel-3.4.2-150200.11.64.1
libswscale4-3.4.2-150200.11.64.1
libswscale4-32bit-3.4.2-150200.11.64.1
Ссылки
- Link for SUSE-SU-2025:02352-1
- E-Mail link for SUSE-SU-2025:02352-1
- SUSE Security Ratings
- SUSE Bug 1198898
- SUSE Bug 1234018
- SUSE Bug 1234019
- SUSE Bug 1234020
- SUSE CVE CVE-2022-1475 page
- SUSE CVE CVE-2024-36616 page
- SUSE CVE CVE-2024-36617 page
- SUSE CVE CVE-2024-36618 page
Описание
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavcodec57-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil-devel-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil55-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libpostproc-devel-3.4.2-150200.11.64.1
Ссылки
- CVE-2022-1475
- SUSE Bug 1198898
Описание
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavcodec57-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil-devel-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil55-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libpostproc-devel-3.4.2-150200.11.64.1
Ссылки
- CVE-2024-36616
- SUSE Bug 1234018
Описание
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavcodec57-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil-devel-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil55-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libpostproc-devel-3.4.2-150200.11.64.1
Ссылки
- CVE-2024-36617
- SUSE Bug 1234019
Описание
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavcodec57-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil-devel-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libavutil55-3.4.2-150200.11.64.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP6:libpostproc-devel-3.4.2-150200.11.64.1
Ссылки
- CVE-2024-36618
- SUSE Bug 1234020