CVE-2017-16803 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libav

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 28.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ffmpeg Debian Ffmpeg Libav

Timeline

PublishedNov 13

Latest updateMay 14

Description

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDlibav/libav11.11+2

▶debiandebian/ffmpeg< ffmpeg 7:2.2.1-1 (bookworm)

▶Debianffmpeg/ffmpeg< 7:2.2.1-1+3

🔴Vulnerability Details

GHSA

GHSA-j8rq-pgqm-7hx7: In Libav through 11↗2022-05-14

▶

OSV

CVE-2017-16803: In Libav through 11↗2017-11-13

▶

📋Vendor Advisories

Debian

CVE-2017-16803: ffmpeg - In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function i...↗2017

▶