vulnerability

SUSE: CVE-2020-13904: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	2020-06-07	2021-07-15	2021-11-03

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

2020-06-07

Added

2021-07-15

Modified

2021-11-03

Description

FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.

Solution(s)

suse-upgrade-ffmpegsuse-upgrade-ffmpeg-private-develsuse-upgrade-libavcodec-develsuse-upgrade-libavcodec57suse-upgrade-libavcodec57-32bitsuse-upgrade-libavdevice-develsuse-upgrade-libavdevice57suse-upgrade-libavdevice57-32bitsuse-upgrade-libavfilter-develsuse-upgrade-libavfilter6suse-upgrade-libavfilter6-32bitsuse-upgrade-libavformat-develsuse-upgrade-libavformat57suse-upgrade-libavformat57-32bitsuse-upgrade-libavresample-develsuse-upgrade-libavresample3suse-upgrade-libavresample3-32bitsuse-upgrade-libavutil-develsuse-upgrade-libavutil55suse-upgrade-libavutil55-32bitsuse-upgrade-libpostproc-develsuse-upgrade-libpostproc54suse-upgrade-libpostproc54-32bitsuse-upgrade-libswresample-develsuse-upgrade-libswresample2suse-upgrade-libswresample2-32bitsuse-upgrade-libswscale-develsuse-upgrade-libswscale4suse-upgrade-libswscale4-32bit

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today