CVE-2018-14395

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.

References

Affected packages

Git / github.com/ffmpeg/ffmpeg

Affected ranges

Type

GIT

Repo

https://github.com/ffmpeg/ffmpeg

Events

Introduced

Last affected

340cea9f22c162e10d120835661e132721b7454b

Introduced

Last affected

ace829cb45cff530b8a0aed6adf18f329d7a98f6

Fixed

2c0e98a0b478284bdff6d7a4062522605a8beae5

Fixed

fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.0"
        }
    ]
}

Affected versions

Other

n0.*

n0.11-dev

n0.12-dev

n0.8

n1.*

n1.1-dev

n1.2-dev

n1.3-dev

n2.*

n2.0

n2.1-dev

n2.2-dev

n2.3-dev

n2.4-dev

n2.5-dev

n2.6-dev

n2.7-dev

n2.8-dev

n2.9-dev

n3.*

n3.1-dev

n3.2

n3.2-dev

n3.2.1

n3.2.10

n3.2.11

n3.2.2

n3.2.3

n3.2.4

n3.2.5

n3.2.6

n3.2.7

n3.2.8

n3.2.9

n3.3-dev

n3.4-dev

n3.5-dev

n4.*

n4.1-dev

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "function_hash": "102827977244515592418039999533830258363",
            "length": 4429.0
        },
        "target": {
            "file": "libavformat/movenc.c",
            "function": "mov_write_audio_tag"
        },
        "id": "CVE-2018-14395-81cf19f1",
        "source": "https://github.com/ffmpeg/ffmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582"
    },
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "function_hash": "44736351853163418595392144319364648043",
            "length": 3886.0
        },
        "target": {
            "file": "libavformat/movenc.c",
            "function": "mov_write_audio_tag"
        },
        "id": "CVE-2018-14395-c30bc0a5",
        "source": "https://github.com/ffmpeg/ffmpeg/commit/2c0e98a0b478284bdff6d7a4062522605a8beae5"
    },
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "88413214916599869005262271461099492956",
                "99490026392498700389421665331387618439",
                "22818687448778883533567042380121543425",
                "148013509794614994762799630272833705423"
            ]
        },
        "target": {
            "file": "libavformat/movenc.c"
        },
        "id": "CVE-2018-14395-efe74b9b",
        "source": "https://github.com/ffmpeg/ffmpeg/commit/fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582"
    },
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "88413214916599869005262271461099492956",
                "99490026392498700389421665331387618439",
                "22818687448778883533567042380121543425",
                "148013509794614994762799630272833705423"
            ]
        },
        "target": {
            "file": "libavformat/movenc.c"
        },
        "id": "CVE-2018-14395-f544f8fd",
        "source": "https://github.com/ffmpeg/ffmpeg/commit/2c0e98a0b478284bdff6d7a4062522605a8beae5"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14395.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]