The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102950 | Third Party Advisory VDB Entry |
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b | Patch Third Party Advisory |
https://github.com/FFmpeg/FFmpeg/commit/22aa37c0fedf14531783189a197542a055959b6c | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html | Mailing List Third Party Advisory |
https://www.debian.org/security/2018/dsa-4249 | Third Party Advisory |
Configurations
History
02 Mar 2021, 21:11
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://github.com/FFmpeg/FFmpeg/commit/22aa37c0fedf14531783189a197542a055959b6c - Patch, Third Party Advisory |
05 Jan 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
Summary | The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. | |
References |
|
Information
Published : 2018-02-05 04:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-6621
Mitre link : CVE-2018-6621
CVE.ORG link : CVE-2018-6621
JSON object : View
Products Affected
debian
- debian_linux
ffmpeg
- ffmpeg
CWE
CWE-125
Out-of-bounds Read