Описание
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 7:7.1.1-1ubuntu4 |
| esm-apps/bionic | released | 7:3.4.11-0ubuntu0.1+esm9 |
| esm-apps/focal | released | 7:4.2.7-0ubuntu0.1+esm9 |
| esm-apps/jammy | released | 7:4.4.2-0ubuntu0.22.04.1+esm8 |
| esm-apps/noble | released | 7:6.1.1-3ubuntu5+esm4 |
| esm-apps/xenial | released | 7:2.8.17-0ubuntu0.1+esm11 |
| focal | ignored | end of standard support, was deferred [2025-06-02] |
| jammy | needed | |
| noble | needed | |
| oracular | ignored | end of life, was deferred [2025-06-02] |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
6.3 Medium
CVSS3
Связанные уязвимости
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, was found in FFmpeg ...
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Уязвимость функции ff_aac_search_for_tns компонента libavcodec/aacenc_tns.c мультимедийной библиотеки FFmpeg, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации, нарушить её целостность, а также вызвать отказ в обслуживании
EPSS
7.5 High
CVSS2
6.3 Medium
CVSS3