Bugs fixes in "ffmpeg"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2017-17081 | The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 does not properly validate widths and heights, which allows remote attackers to c | 2018-04-12 |
| CVE | CVE-2017-15672 | The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and earlier allows remote attackers to have unspecified impact via a crafted MP4 fil | 2018-04-12 |
| CVE | CVE-2017-14225 | The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but c | 2018-04-12 |
| CVE | CVE-2017-14223 | In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumpti | 2018-04-12 |
| CVE | CVE-2017-14222 | In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. Whe | 2018-04-12 |
| CVE | CVE-2017-14171 | In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. | 2018-04-12 |
| CVE | CVE-2017-14170 | In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consump | 2018-04-12 |
| CVE | CVE-2017-14169 | In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which clai | 2018-04-12 |
| CVE | CVE-2017-14059 | In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which | 2018-04-12 |
| CVE | CVE-2017-14058 | In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attacker | 2018-04-12 |
| CVE | CVE-2017-14057 | In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF | 2018-04-12 |
| CVE | CVE-2017-14056 | In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumptio | 2018-04-12 |
| CVE | CVE-2017-14055 | In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumpti | 2018-04-12 |
| CVE | CVE-2017-11665 | The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Vi | 2018-04-12 |
| CVE | CVE-2017-11399 | Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg through 3.3.2 allows remote attackers to cause a denial of service | 2018-04-12 |
| CVE | CVE-2017-9996 | The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3. | 2018-04-12 |
| CVE | CVE-2017-9994 | libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pi | 2018-04-12 |
| CVE | CVE-2017-9993 | FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filenam | 2018-04-12 |
| CVE | CVE-2017-9992 | Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x bef | 2018-04-12 |
| CVE | CVE-2017-9991 | Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3 | 2018-04-12 |
About
-
Send Feedback to @ubuntu_updates
