CVE-2021-28429

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-28429

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28429.json

Related

USN-6430-1

Published

2023-08-11T14:15:12Z

Modified

2024-05-14T08:23:30.636655Z

Summary

[none]

Details

Integer overflow vulnerability in avtimecodemake_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

References

https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c94875471e3ba3dc396c6919ff3ec9b14539cd71

Affected packages

Git / git.ffmpeg.org/ffmpeg.git

Affected ranges

Type: GIT
Repo: https://git.ffmpeg.org/ffmpeg.git
Events: Introduced

0The exact introduced commit is unknown

Fixed

c94875471e3ba3dc396c6919ff3ec9b14539cd71

Type: GIT
Repo: https://github.com/ffmpeg/ffmpeg
Events: Introduced

0The exact introduced commit is unknown

Last affected

f719f869907764e6412a6af6e178c46e5f915d25

Affected versions

Other

n0.*

n0.11-dev

n0.12-dev

n0.8

n1.*

n1.1-dev

n1.2-dev

n1.3-dev

n2.*

n2.0

n2.1-dev

n2.2-dev

n2.3-dev

n2.4-dev

n2.5-dev

n2.6-dev

n2.7-dev

n2.8-dev

n2.9-dev

n3.*

n3.1-dev

n3.2-dev

n3.3-dev

n3.4-dev

n3.5-dev

n4.*

n4.1-dev

n4.2-dev

n4.3

n4.3-dev

n4.3.1

n4.3.2

n4.4-dev