CVE-2015-6761 — Race Condition in Ffmpeg

CWE-362 — Race Condition9 documents7 sources

Severity

6.8MEDIUMNVD

OSV7.5

EPSS

1.5%

top 19.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ffmpeg Debian Ffmpeg Google Chrome

Timeline

PublishedOct 15

Latest updateMay 14

Description

The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages4 packages

▶NVDgoogle/chrome45.0.2454.101

▶debiandebian/ffmpeg< ffmpeg 7:2.8.1-1 (bookworm)

▶Debianffmpeg/ffmpeg< 7:2.8.1-1+3

▶NVDffmpeg/ffmpeg2.8.1

🔴Vulnerability Details

GHSA

GHSA-w82p-vxv4-pvcf: The update_dimensions function in libavcodec/vp8↗2022-05-14

▶

OSV

oxide-qt vulnerabilities↗2015-10-20

▶

OSV

CVE-2015-6761: The update_dimensions function in libavcodec/vp8↗2015-10-15

▶

📋Vendor Advisories

Ubuntu

Oxide vulnerabilities↗2015-10-22

▶

Ubuntu

Oxide vulnerabilities↗2015-10-20

▶

Red Hat

chromium-browser: Memory corruption in FFMpeg↗2015-10-13

▶

Debian

CVE-2015-6761: ffmpeg - The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as u...↗2015

▶

💬Community

Bugzilla

CVE-2015-6761 chromium-browser: Memory corruption in FFMpeg↗2015-10-14

▶