Описание
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 7:3.4.6-0ubuntu0.18.04.1 |
| cosmic | released | 7:4.0.4-0ubuntu1 |
| devel | released | 7:4.1.3-1 |
| disco | released | 7:4.1.3-0ubuntu1 |
| esm-apps/bionic | released | 7:3.4.6-0ubuntu0.18.04.1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
4.3 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allo ...
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Уязвимость функции handle_open_brace мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2
6.5 Medium
CVSS3