In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avprivrequestsample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "ffmpeg" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "ffmpeg-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "ffmpeg-doc" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec-extra" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec-extra57" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec-extra57-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec57" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavcodec57-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavdevice-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavdevice57" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavdevice57-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter-extra" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter-extra6" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter-extra6-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter6" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavfilter6-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavformat-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavformat57" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavformat57-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavresample-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavresample3" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavresample3-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavutil-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavutil55" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libavutil55-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libpostproc-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libpostproc54" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libpostproc54-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswresample-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswresample2" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswresample2-dbgsym" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswscale-dev" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswscale4" }, { "binary_version": "7:3.4.4-0ubuntu0.18.04.1", "binary_name": "libswscale4-dbgsym" } ] }