Unrated severityNVD Advisory· Published Oct 14, 2019· Updated Aug 5, 2024

CVE-2019-17539

Description

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

FFmpeg/FFmpegdescription
FFmpeg/Ffmpegllm-fuzzy
Range: <4.2
osv-coords20 versions
pkg:rpm/opensuse/ffmpeg&distro=openSUSE%20Leap%2015.3 pkg:rpm/suse/ffmpeg&distro=SUSE%20Enterprise%20Storage%206 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3 pkg:rpm/suse/ffmpeg&distro=SUSE%20Manager%20Proxy%204.0 pkg:rpm/suse/ffmpeg&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0 pkg:rpm/suse/ffmpeg&distro=SUSE%20Manager%20Server%204.0
< 3.4.2-11.3.1+ 19 more
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-11.3.1
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2
- (no CPE)range: < 3.4.2-4.34.2

Patches

Vulnerability mechanics

References

security.gentoo.org/glsa/202003-65mitrevendor-advisoryx_refsource_GENTOO
usn.ubuntu.com/4431-1/mitrevendor-advisoryx_refsource_UBUNTU
www.debian.org/security/2020/dsa-4722mitrevendor-advisoryx_refsource_DEBIAN
bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670cmitrex_refsource_MISC
lists.debian.org/debian-lts-announce/2021/01/msg00026.htmlmitremailing-listx_refsource_MLIST

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000