← All advisories

Unrated severityNVD Advisory· Published Oct 14, 2019· Updated Aug 5, 2024

CVE-2019-17542

CVE-2019-17542

Description

FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8

FFmpeg/FFmpegdescription
FFmpeg/Ffmpegllm-fuzzy
Range: <4.2
osv-coords6 versions
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015 pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1
< 3.4.2-4.27.1+ 5 more
- (no CPE)range: < 3.4.2-4.27.1
- (no CPE)range: < 3.4.2-4.27.1
- (no CPE)range: < 3.4.2-4.27.1
- (no CPE)range: < 3.4.2-4.27.1
- (no CPE)range: < 3.4.2-4.27.1
- (no CPE)range: < 3.4.2-4.27.1

Patches

Vulnerability mechanics

References

7

security.gentoo.org/glsa/202003-65mitrevendor-advisoryx_refsource_GENTOO
usn.ubuntu.com/4431-1/mitrevendor-advisoryx_refsource_UBUNTU
www.debian.org/security/2020/dsa-4722mitrevendor-advisoryx_refsource_DEBIAN
bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2mitrex_refsource_MISC
lists.debian.org/debian-lts-announce/2019/12/msg00003.htmlmitremailing-listx_refsource_MLIST
lists.debian.org/debian-lts-announce/2020/07/msg00022.htmlmitremailing-listx_refsource_MLIST

News mentions

0

No linked articles in our index yet.