First published: Tue Apr 28 2020(Updated: )
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
FFmpeg FFmpeg | =4.1 | |
FFmpeg FFmpeg | =4.2.2 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
Debian Debian Linux | =10.0 | |
debian/ffmpeg | 7:4.3.7-0+deb11u1 7:4.3.8-0+deb11u1 7:5.1.6-0+deb12u1 7:7.1-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.