SB2021052656 - Multiple vulnerabilities in FFmpeg
Published: May 26, 2021 Updated: December 5, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 6 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2020-22024)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the lagfun_frame16 function in libavfilter/vf_lagfun.c. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
2) Integer overflow (CVE-ID: CVE-2021-28429)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to integer overflow within the av_timecode_make_string in libavutil/timecode.c. A local user can pass specially crafted data to the application, trigger integer overflow and cause a denial of service condition on the target system.
3) Memory leak (CVE-ID: CVE-2020-22051)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the filter_frame function in vf_tile.c. A remote attacker can perform a denial of service attack.
4) Memory leak (CVE-ID: CVE-2020-22043)
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak within the fifo_alloc_common function in libavutil/fifo.c. A remote attacker can force the application to leak memory and perform denial of service attack.
5) Memory leak (CVE-ID: CVE-2020-22040)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the v_frame_alloc function in frame.c. A remote attacker can perform a denial of service attack.
6) Memory leak (CVE-ID: CVE-2020-22039)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the inavi_add_ientry function. A remote attacker can perform a denial of service attack.
Remediation
Install update from vendor's website.
References
- https://trac.ffmpeg.org/ticket/8310
- https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c94875471e3ba3dc396c6919ff3ec9b14539cd71
- https://trac.ffmpeg.org/ticket/8313
- http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=673fce6d40d9a594fb7a0ea17d296b7d3d9ea856
- https://trac.ffmpeg.org/ticket/8284
- https://trac.ffmpeg.org/ticket/8283
- https://trac.ffmpeg.org/ticket/8302