First published: Sun Jul 07 2019(Updated: )
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
FFmpeg FFmpeg | =4.1.3 | |
debian/ffmpeg | 7:4.3.7-0+deb11u1 7:4.3.8-0+deb11u1 7:5.1.6-0+deb12u1 7:7.1-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-13390 is a vulnerability in FFmpeg 4.1.3 that allows for a division by zero at adx_write_trailer in libavformat/rawenc.c.
CVE-2019-13390 has a severity value of 6.5, which is considered medium.
FFmpeg 4.1.3 is affected by CVE-2019-13390.
To fix CVE-2019-13390, it is recommended to update to the latest version of FFmpeg.
More information about CVE-2019-13390 can be found at the following references: [SecurityFocus](http://www.securityfocus.com/bid/109090), [Debian LTS Announce](https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html), [Gentoo GLSA](https://security.gentoo.org/glsa/202003-65).