Описание
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues:
- CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX (bsc#1234020).
New CVE references, fixed in previous release:
- CVE-2024-36617: avformat/cafdec: dont seek beyond 64bit (bsc#1234019).
- CVE-2024-36616: avformat/westwood_vqa: Fix 2g packets (bsc#1234018).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP6
ffmpeg-4-4.4.6-150600.13.27.1
ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
ffmpeg-4-private-devel-4.4.6-150600.13.27.1
libavcodec58_134-4.4.6-150600.13.27.1
libavdevice58_13-4.4.6-150600.13.27.1
libavfilter7_110-4.4.6-150600.13.27.1
libavformat58_76-4.4.6-150600.13.27.1
libavresample4_0-4.4.6-150600.13.27.1
libavutil56_70-4.4.6-150600.13.27.1
libpostproc55_9-4.4.6-150600.13.27.1
libswresample3_9-4.4.6-150600.13.27.1
libswscale5_9-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
ffmpeg-4-4.4.6-150600.13.27.1
ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
ffmpeg-4-private-devel-4.4.6-150600.13.27.1
libavcodec58_134-4.4.6-150600.13.27.1
libavdevice58_13-4.4.6-150600.13.27.1
libavfilter7_110-4.4.6-150600.13.27.1
libavformat58_76-4.4.6-150600.13.27.1
libavresample4_0-4.4.6-150600.13.27.1
libavutil56_70-4.4.6-150600.13.27.1
libpostproc55_9-4.4.6-150600.13.27.1
libswresample3_9-4.4.6-150600.13.27.1
libswscale5_9-4.4.6-150600.13.27.1
SUSE Linux Enterprise Workstation Extension 15 SP6
libavcodec58_134-4.4.6-150600.13.27.1
libavformat58_76-4.4.6-150600.13.27.1
libavutil56_70-4.4.6-150600.13.27.1
libswresample3_9-4.4.6-150600.13.27.1
libswscale5_9-4.4.6-150600.13.27.1
SUSE Linux Enterprise Workstation Extension 15 SP7
libavcodec58_134-4.4.6-150600.13.27.1
libavformat58_76-4.4.6-150600.13.27.1
libavutil56_70-4.4.6-150600.13.27.1
libswresample3_9-4.4.6-150600.13.27.1
libswscale5_9-4.4.6-150600.13.27.1
openSUSE Leap 15.6
ffmpeg-4-4.4.6-150600.13.27.1
ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavformat-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libavutil-devel-4.4.6-150600.13.27.1
ffmpeg-4-libpostproc-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswresample-devel-4.4.6-150600.13.27.1
ffmpeg-4-libswscale-devel-4.4.6-150600.13.27.1
ffmpeg-4-private-devel-4.4.6-150600.13.27.1
libavcodec58_134-4.4.6-150600.13.27.1
libavcodec58_134-32bit-4.4.6-150600.13.27.1
libavdevice58_13-4.4.6-150600.13.27.1
libavdevice58_13-32bit-4.4.6-150600.13.27.1
libavfilter7_110-4.4.6-150600.13.27.1
libavfilter7_110-32bit-4.4.6-150600.13.27.1
libavformat58_76-4.4.6-150600.13.27.1
libavformat58_76-32bit-4.4.6-150600.13.27.1
libavresample4_0-4.4.6-150600.13.27.1
libavresample4_0-32bit-4.4.6-150600.13.27.1
libavutil56_70-4.4.6-150600.13.27.1
libavutil56_70-32bit-4.4.6-150600.13.27.1
libpostproc55_9-4.4.6-150600.13.27.1
libpostproc55_9-32bit-4.4.6-150600.13.27.1
libswresample3_9-4.4.6-150600.13.27.1
libswresample3_9-32bit-4.4.6-150600.13.27.1
libswscale5_9-4.4.6-150600.13.27.1
libswscale5_9-32bit-4.4.6-150600.13.27.1
Ссылки
- Link for SUSE-SU-2025:02381-1
- E-Mail link for SUSE-SU-2025:02381-1
- SUSE Security Ratings
- SUSE Bug 1234018
- SUSE Bug 1234019
- SUSE Bug 1234020
- SUSE CVE CVE-2024-36616 page
- SUSE CVE CVE-2024-36617 page
- SUSE CVE CVE-2024-36618 page
Описание
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
Ссылки
- CVE-2024-36616
- SUSE Bug 1234018
Описание
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
Ссылки
- CVE-2024-36617
- SUSE Bug 1234019
Описание
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavcodec-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavdevice-devel-4.4.6-150600.13.27.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:ffmpeg-4-libavfilter-devel-4.4.6-150600.13.27.1
Ссылки
- CVE-2024-36618
- SUSE Bug 1234020