SB2016120711 - Multiple vulnerabilities in FFmpeg
Published: December 7, 2016 Updated: June 8, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 4 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2015-8219)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data.
2) Input validation error (CVE-ID: CVE-2015-8218)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.
3) Input validation error (CVE-ID: CVE-2015-8217)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data.
4) Input validation error (CVE-ID: CVE-2015-8216)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data.
Remediation
Install update from vendor's website.
References
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=43492ff3ab68a343c1264801baa1d5a02de10167
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00146.html
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=93f30f825c08477fe8f76be00539e96014cc83c8
- https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html
- http://git.videolan.org/?p=ffmpeg.git;a=commit;h=d24888ef19ba38b787b11d1ee091a3d94920c76a