openSUSE-SU-2016:2556-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2016:2556-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2016:2556-1
- Upstream
- Related
- Published
- 2016-10-18T08:52:34Z
- Modified
- 2025-05-07T18:09:24.566325Z
- Summary
- Security update for ffmpeg
- Details
-
This update for ffmpeg fixes multiple security issues in ffmpeg (boo#1003806)
These vulnerabilities can be triggered when processing specially crafted avi video content, and could lead to crashes or have unspecified further impact including potential code execution.
- CVE-2016-7562: out-of-bounds array write fault via specially crafted avi files
- CVE-2016-7502: out-of-bounds array write via incorrect block values
- CVE-2016-7905: null-point-exception when decoding avi files with crafted 'gab2' structs
- CVE-2016-7555: memory leak when decoding avi files with crafted 'strh' struct
- CVE-2016-7785: assert fault via avi files with crafted 'strh' struct
- References
Affected packages
SUSE:Package Hub 12 SP1 / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:rpm/suse/ffmpeg&distro=SUSE%20Package%20Hub%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.8.8-6.1
Ecosystem specific
{
"binaries": [
{
"libavutil54": "2.8.8-6.1",
"libswscale-devel": "2.8.8-6.1",
"ffmpeg-devel": "2.8.8-6.1",
"libavdevice56": "2.8.8-6.1",
"libavformat56": "2.8.8-6.1",
"libswscale3": "2.8.8-6.1",
"libavcodec56": "2.8.8-6.1",
"libavformat-devel": "2.8.8-6.1",
"libavdevice-devel": "2.8.8-6.1",
"libavresample2": "2.8.8-6.1",
"libswresample-devel": "2.8.8-6.1",
"ffmpeg": "2.8.8-6.1",
"libavresample-devel": "2.8.8-6.1",
"libpostproc53": "2.8.8-6.1",
"libavfilter5": "2.8.8-6.1",
"libswresample1": "2.8.8-6.1",
"libpostproc-devel": "2.8.8-6.1",
"libavcodec-devel": "2.8.8-6.1",
"libavutil-devel": "2.8.8-6.1",
"libavfilter-devel": "2.8.8-6.1"
}
]
}