What is the severity of USN-3967-1?

USN-3967-1 is classified as a security vulnerability that can lead to denial of service via application crash.

How do I fix USN-3967-1?

To mitigate USN-3967-1, users should upgrade to the fixed versions of the affected packages: 7:4.1.3-0ubuntu1 or later.

What packages are affected by USN-3967-1?

USN-3967-1 affects multiple FFmpeg related packages including ffmpeg, libavcodec-extra58, libavformat58, and others.

Which versions of Ubuntu are impacted by USN-3967-1?

USN-3967-1 impacts Ubuntu versions 19.04, 18.10, and 18.04 with specific package versions.

What could happen if I don't address USN-3967-1?

Failing to address USN-3967-1 may leave your system vulnerable to crashes and potential exploitation from malicious multimedia files.

Vulnerability/
USN-3967-1

6/5/2019

USN-3967-1: FFmpeg vulnerabilities

First published: Mon May 06 2019(Updated: )

It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash.

Affected Software	Affected Version	How to fix
All of
ubuntu/ffmpeg	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavcodec-extra58	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavcodec58	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavdevice58	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavfilter-extra7	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavfilter7	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavformat58	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavresample4	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libavutil56	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libpostproc55	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libswresample3	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/libswscale5	<7:4.1.3-0ubuntu1	7:4.1.3-0ubuntu1
Ubuntu OpenSSH Client	=19.04
All of
ubuntu/ffmpeg	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavcodec-extra58	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavcodec58	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavdevice58	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavfilter-extra7	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavfilter7	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavformat58	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavresample4	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libavutil56	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libpostproc55	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libswresample3	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/libswscale5	<7:4.0.4-0ubuntu1	7:4.0.4-0ubuntu1
Ubuntu OpenSSH Client	=18.10
All of
ubuntu/ffmpeg	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavcodec-extra57	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavcodec57	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavdevice57	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavfilter-extra6	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavfilter6	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavformat57	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavresample3	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libavutil55	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libpostproc54	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libswresample2	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04
All of
ubuntu/libswscale4	<7:3.4.6-0ubuntu0.18.04.1	7:3.4.6-0ubuntu0.18.04.1
Ubuntu OpenSSH Client	=18.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-3967-1?
USN-3967-1 is classified as a security vulnerability that can lead to denial of service via application crash.
How do I fix USN-3967-1?
To mitigate USN-3967-1, users should upgrade to the fixed versions of the affected packages: 7:4.1.3-0ubuntu1 or later.
What packages are affected by USN-3967-1?
USN-3967-1 affects multiple FFmpeg related packages including ffmpeg, libavcodec-extra58, libavformat58, and others.
Which versions of Ubuntu are impacted by USN-3967-1?
USN-3967-1 impacts Ubuntu versions 19.04, 18.10, and 18.04 with specific package versions.
What could happen if I don't address USN-3967-1?
Failing to address USN-3967-1 may leave your system vulnerable to crashes and potential exploitation from malicious multimedia files.

agent/severity
agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
agent/title
agent/description
agent/event
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/usn
source/Ubuntu
agent/software-canonical-lookup
agent/software-canonical-lookup-request
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu openssh client
version/ubuntu openssh client/19.04
version/ubuntu openssh client/18.10
version/ubuntu openssh client/18.04