CVE-2020-12284: Out-of-bounds Write in FFmpeg

Severity
NVD: 9.8 CRITICAL
OSV: 7.5
EPSS: 6.4% (top 8.92%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Apr 28
Latest update: May 24

Description

cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (3 packages)

Debian: ffmpeg/ffmpeg < 7:4.2.3-1 (+3)
Ubuntu: ffmpeg/ffmpeg < 7:2.8.17-0ubuntu0.1 (+2)
NVD: ffmpeg/ffmpeg 4.1, 4.2.2 (+1)

Also affects: Debian Linux 10.0, Ubuntu Linux 16.04, 18.04, 20.04

Patches

🔴 Vulnerability Details (4)

GHSA: GHSA-qvcx-wpfr-c8wc: cbs_jpeg_split_fragment in libavcodec/cbs_jpeg (2022-05-24)
OSV: ffmpeg vulnerabilities (2020-07-22)
CVEList: CVE-2020-12284: cbs_jpeg_split_fragment in libavcodec/cbs_jpeg (2020-04-28)
OSV: CVE-2020-12284: cbs_jpeg_split_fragment in libavcodec/cbs_jpeg (2020-04-28)

📋 Vendor Advisories (3)

Ubuntu: FFmpeg vulnerabilities (2020-07-22)
Red Hat: ffmpeg: heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check in libavcodec/cbs_jpeg.c (2020-04-28)
Debian: CVE-2020-12284: ffmpeg - cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a h... (2020)

💬 Community (1)

Bugzilla: CVE-2020-12284 ffmpeg: heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check in libavcodec/cbs_jpeg.c (2020-05-05)
CVE-2020-12284 — Out-of-bounds Write in Ffmpeg | cvebase