An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "faad-dbgsym", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "faad2-dbg", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad-dev-dbgsym", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad2", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.7-8+deb8u3ubuntu0.1~esm1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "faad-dbgsym", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "faad2-dbg", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad-dev-dbgsym", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad2", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.8.0~cvs20150510-1ubuntu0.1+esm1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "faad-dbgsym", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "libfaad-dev", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "libfaad2", "binary_version": "2.8.8-1ubuntu0.1~esm1" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.8.8-1ubuntu0.1~esm1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.9.1-1ubuntu0.1" }, { "binary_name": "faad-dbgsym", "binary_version": "2.9.1-1ubuntu0.1" }, { "binary_name": "libfaad-dev", "binary_version": "2.9.1-1ubuntu0.1" }, { "binary_name": "libfaad2", "binary_version": "2.9.1-1ubuntu0.1" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.9.1-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.10.0-2" }, { "binary_name": "faad-dbgsym", "binary_version": "2.10.0-2" }, { "binary_name": "libfaad-dev", "binary_version": "2.10.0-2" }, { "binary_name": "libfaad2", "binary_version": "2.10.0-2" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.10.0-2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "faad", "binary_version": "2.10.1-1" }, { "binary_name": "faad-dbgsym", "binary_version": "2.10.1-1" }, { "binary_name": "libfaad-dev", "binary_version": "2.10.1-1" }, { "binary_name": "libfaad2", "binary_version": "2.10.1-1" }, { "binary_name": "libfaad2-dbgsym", "binary_version": "2.10.1-1" } ] }