vulnerability
Ubuntu: USN-5167-1 (CVE-2021-3566): FFmpeg vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Aug 5, 2021 | Mar 22, 2023 | Nov 15, 2024 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Aug 5, 2021
Added
Mar 22, 2023
Modified
Nov 15, 2024
Description
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).
Solution(s)
ubuntu-pro-upgrade-ffmpegubuntu-pro-upgrade-libavcodec-extraubuntu-pro-upgrade-libavcodec-ffmpeg-extra56ubuntu-pro-upgrade-libavcodec-ffmpeg56ubuntu-pro-upgrade-libavdevice-ffmpeg56ubuntu-pro-upgrade-libavfilter-ffmpeg5ubuntu-pro-upgrade-libavformat-ffmpeg56ubuntu-pro-upgrade-libavresample-ffmpeg2ubuntu-pro-upgrade-libavutil-ffmpeg54ubuntu-pro-upgrade-libpostproc-ffmpeg53ubuntu-pro-upgrade-libswresample-ffmpeg1ubuntu-pro-upgrade-libswscale-ffmpeg3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.