vulnerability
Ubuntu: USN-5958-1 (CVE-2022-3965): FFmpeg vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:N/A:C) | Nov 13, 2022 | Mar 22, 2023 | Jan 28, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:N/A:C)
Published
Nov 13, 2022
Added
Mar 22, 2023
Modified
Jan 28, 2025
Description
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544.
Solution(s)
ubuntu-upgrade-ffmpegubuntu-upgrade-libavcodec-extraubuntu-upgrade-libavcodec-extra59ubuntu-upgrade-libavcodec59ubuntu-upgrade-libavdevice59ubuntu-upgrade-libavfilter-extraubuntu-upgrade-libavfilter-extra8ubuntu-upgrade-libavfilter8ubuntu-upgrade-libavformat-extraubuntu-upgrade-libavformat-extra59ubuntu-upgrade-libavformat59ubuntu-upgrade-libavutil57ubuntu-upgrade-libpostproc56ubuntu-upgrade-libswresample4ubuntu-upgrade-libswscale6
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.