UBUNTU-CVE-2023-6604
- Source
- https://ubuntu.com/security/CVE-2023-6604
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-6604.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-6604
- Related
- Published
- 2025-01-06T17:15:00Z
- Modified
- 2025-01-13T10:24:15Z
- Summary
- [none]
- Details
-
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation.
- References
Affected packages
Ubuntu:Pro:14.04:LTS / libav
Package
- Name
- libav
- Purl
- pkg:deb/ubuntu/libav@6:9.20-0ubuntu0.14.04.1+esm1?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6:0.*
6:0.8.7-1ubuntu2
6:9.*
6:9.10-1ubuntu1
6:9.10-1ubuntu2
6:9.10-1ubuntu5
6:9.10-1ubuntu6
6:9.10-1ubuntu7
6:9.11-2ubuntu1
6:9.11-2ubuntu2
6:9.13-0ubuntu0.14.04.1
6:9.14-0ubuntu0.14.04.1
6:9.16-0ubuntu0.14.04.1
6:9.18-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1+esm1
Ubuntu:Pro:16.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:2.8.17-0ubuntu0.1+esm9?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
7:2.*
7:2.7.2-1build1
7:2.8.1-1ubuntu1
7:2.8.2-1ubuntu1
7:2.8.3-1
7:2.8.4-1
7:2.8.4-1ubuntu1
7:2.8.4-1ubuntu2
7:2.8.4-1ubuntu3
7:2.8.4-1ubuntu4
7:2.8.6-1ubuntu1
7:2.8.6-1ubuntu2
7:2.8.8-0ubuntu0.16.04.1
7:2.8.10-0ubuntu0.16.04.1
7:2.8.11-0ubuntu0.16.04.1
7:2.8.14-0ubuntu0.16.04.1
7:2.8.15-0ubuntu0.16.04.1
7:2.8.15-0ubuntu0.16.04.1+esm1
7:2.8.17-0ubuntu0.1
7:2.8.17-0ubuntu0.1+esm1
7:2.8.17-0ubuntu0.1+esm2
7:2.8.17-0ubuntu0.1+esm3
7:2.8.17-0ubuntu0.1+esm4
7:2.8.17-0ubuntu0.1+esm5
7:2.8.17-0ubuntu0.1+esm6
7:2.8.17-0ubuntu0.1+esm7
7:2.8.17-0ubuntu0.1+esm8
7:2.8.17-0ubuntu0.1+esm9
Ubuntu:Pro:18.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:3.4.11-0ubuntu0.1+esm7?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
7:3.*
7:3.3.4-2
7:3.3.4-2build3
7:3.4-2ubuntu2
7:3.4-4
7:3.4-4build1
7:3.4.1-1
7:3.4.1-1build1
7:3.4.2-1
7:3.4.2-1build1
7:3.4.2-2
7:3.4.4-0ubuntu0.18.04.1
7:3.4.6-0ubuntu0.18.04.1
7:3.4.8-0ubuntu0.2
7:3.4.11-0ubuntu0.1
7:3.4.11-0ubuntu0.1+esm1
7:3.4.11-0ubuntu0.1+esm2
7:3.4.11-0ubuntu0.1+esm3
7:3.4.11-0ubuntu0.1+esm4
7:3.4.11-0ubuntu0.1+esm5
7:3.4.11-0ubuntu0.1+esm6
7:3.4.11-0ubuntu0.1+esm7
Ubuntu:20.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:4.2.7-0ubuntu0.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:4.4.2-0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.10 / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:7.0.2-3ubuntu1?arch=source&distro=oracular
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:6.1.1-3ubuntu5?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected