Debian FFmpeg vulnerabilities
508 known vulnerabilities affecting debian/ffmpeg.
Total CVEs: 508
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 60, HIGH 117, MEDIUM 118, LOW 213
Vulnerabilities
Page 8 of 26
CVE-2020-22042 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.4-5 (bookworm) | 2020
CVE-2020-22042 [MEDIUM]: ffmpeg
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the link_filter_inouts function in libavfilter/graphparser.c.
Scope: local
bookworm: resolved (fixed in 7:4.4-5)
bullseye: resolved (fixed in 7:4.3.3-0+deb11u1)
forky: resolved (fixed in 7:4.4-5)
sid: resolved (fixed in 7:4.4-5)
trixie: resolved (fixed in 7:4.
debian
CVE-2020-22041 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.3-2 (bookworm) | 2020
CVE-2020-22041 [MEDIUM]: ffmpeg
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.
Scope: local
bookworm: resolved (fixed in 7:4.3-2)
bullseye: resolved (fixed in 7:4.3-2)
forky: resolved (fixed in 7:4.3-2)
sid: resolved (fixed in 7:4.3-2)
trixie: resolved (fixed in 7:4.3-2)
debian
CVE-2020-36138 | LOW | CVSS 7.5 | 2020
CVE-2020-36138 [HIGH]: ffmpeg
An issue in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3 allows remote attackers to cause a denial of service (DoS).
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2020-20448 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.3-2 (bookworm) | 2020
CVE-2020-20448 [MEDIUM]: ffmpeg
FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of Service.
Scope: local
bookworm: resolved (fixed in 7:4.3-2)
bullseye: resolved (fixed in 7:4.3-2)
forky: resolved (fixed in 7:4.3-2)
sid: resolved (fixed in 7:4.3-2)
trixie: resolved (fixed in 7:4.3-2)
debian
CVE-2020-20453 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.4.1-1 (bookworm) | 2020
CVE-2020-20453 [MEDIUM]: ffmpeg
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service.
Scope: local
bookworm: resolved (fixed in 7:4.4.1-1)
bullseye: resolved (fixed in 7:4.3.3-0+deb11u1)
forky: resolved (fixed in 7:4.4.1-1)
sid: resolved (fixed in 7:4.4.1-1)
trixie: resolved (fixed in 7:4.4.1-1)
debian
CVE-2020-22044 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.3-2 (bookworm) | 2020
CVE-2020-22044 [MEDIUM]: ffmpeg
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c.
Scope: local
bookworm: resolved (fixed in 7:4.3-2)
bullseye: resolved (fixed in 7:4.3-2)
forky: resolved (fixed in 7:4.3-2)
sid: resolved (fixed in 7:4.3-2)
trixie: resolved (fixed in 7:4.3-2)
debian
CVE-2019-17542 | CRITICAL | CVSS 9.8 | fixed in ffmpeg 7:4.2.1-1 (bookworm) | 2019
CVE-2019-17542 [CRITICAL]: ffmpeg
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
Scope: local
bookworm: resolved (fixed in 7:4.2.1-1)
bullseye: resolved (fixed in 7:4.2.1-1)
forky: resolved (fixed in 7:4.2.1-1)
sid: resolved (fixed in 7:4.2.1-1)
trixie: resolved (fixed in 7:4.2.1-1)
debian
CVE-2019-11339 | HIGH | CVSS 8.8 | fixed in ffmpeg 7:4.1.3-1 (bookworm) | 2019
CVE-2019-11339 [HIGH]: ffmpeg
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
Scope: local
bookworm: resolved (fixed in 7:4.1.3-1)
bullseye: resolved (fixed in 7:4.1.3-1)
forky: resolved (fixed
debian
CVE-2019-11338 | HIGH | CVSS 8.8 | fixed in ffmpeg 7:4.1.3-1 (bookworm) | 2019
CVE-2019-11338 [HIGH]: ffmpeg
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
Scope: local
bookworm: resolved (fixed in 7:4.1.3-1)
bullseye: resolved (fixed in 7:4.1.3-1)
forky: r
debian
CVE-2019-9721 | MEDIUM | CVSS 6.5 | fixed in ffmpeg 7:4.1.3-1 (bookworm) | 2019
CVE-2019-9721 [MEDIUM]: ffmpeg
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Scope: local
bookworm: resolved (fixed in 7:4.1.3-1)
bullseye: resolved (fixed in 7:4.1.3-1)
forky: resolved (fixed in 7:4.1.3-1)
debian
CVE-2019-17539 | LOW | CVSS 9.8 | fixed in ffmpeg 7:4.2.1-1 (bookworm) | 2019
CVE-2019-17539 [CRITICAL]: ffmpeg
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
Scope: local
bookworm: resolved (fixed in 7:4.2.1-1)
bullseye: resolved (fixed in 7:4.2.1-1)
forky: resolved (fixed in 7:4.2.1-1)
sid: resolved (fixed in 7:4.2.1-1)
trixie: resolved (fixed
debian
CVE-2019-12730 | LOW | CVSS 9.8 | fixed in ffmpeg 7:4.1.4-1 (bookworm) | 2019
CVE-2019-12730 [CRITICAL]: ffmpeg
aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.
Scope: local
bookworm: resolved (fixed in 7:4.1.4-1)
bullseye: resolved (fixed in 7:4.1.4-1)
forky: resolved (fixed in 7:4.1.4-1)
sid: resolved (fixed in 7:4.1.4-1)
trixie: resolved (fixed in
debian
CVE-2019-13312 | LOW | CVSS 8.8 | 2019
CVE-2019-13312 [HIGH]: ffmpeg
block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2019-9718 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.1.3-1 (bookworm) | 2019
CVE-2019-9718 [MEDIUM]: ffmpeg
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Scope: local
bookworm: resolved (fixed in 7:4.1.3-1)
bullseye: resolved (fixed in 7:4.1.3-1)
forky: resolved (fixed in 7:4.1.
debian
CVE-2019-15942 | LOW | CVSS 8.8 | 2019
CVE-2019-15942 [HIGH]: ffmpeg
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2019-13390 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.2.1-1 (bookworm) | 2019
CVE-2019-13390 [MEDIUM]: ffmpeg
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.
Scope: local
bookworm: resolved (fixed in 7:4.2.1-1)
bullseye: resolved (fixed in 7:4.2.1-1)
forky: resolved (fixed in 7:4.2.1-1)
sid: resolved (fixed in 7:4.2.1-1)
trixie: resolved (fixed in 7:4.2.1-1)
debian
CVE-2019-1000016 | LOW | CVSS 6.5 | fixed in ffmpeg 7:4.1.1-1 (bookworm) | 2019
CVE-2019-1000016 [MEDIUM]: ffmpeg
FFmpeg version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in denial of service. This attack appears to be exploitable via a specially crafted AV1 file that has to be provided as input. This vulnerability appears to have been fixed after commit b97a4b658814b2de8b9f2a3bce491c002d34de31.
Scope: loca
debian
CVE-2018-1999010 | CRITICAL | CVSS 9.8 | fixed in ffmpeg 7:4.0.2-1 (bookworm) | 2018
CVE-2018-1999010 [CRITICAL]: ffmpeg
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out-of-array access vulnerabilities in the mms protocol that can result in attackers accessing out-of-bounds data. This attack appears to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later.
Sco
debian
CVE-2018-1999011 | HIGH | CVSS 8.8 | fixed in ffmpeg 7:4.0.2-1 (bookworm) | 2018
CVE-2018-1999011 [HIGH]: ffmpeg
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in the asf_o format demuxer that can result in a heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via a specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fix
debian
CVE-2018-13300 | HIGH | CVSS 8.1 | fixed in ffmpeg 7:3.4.3-1 (bookworm) | 2018
CVE-2018-13300 [HIGH]: ffmpeg
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.
Scope: local
bookworm: resolved (fixed in 7:3.4.3-1)
bul
debian