rpm package
suse/ffmpeg&distro=SUSE Linux Enterprise Real Time 15 SP3
pkg:rpm/suse/ffmpeg&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48434 | — | < 3.4.2-150200.11.28.1 | 3.4.2-150200.11.28.1 | Mar 29, 2023 | libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid | ||
| CVE-2022-3341 | — | < 3.4.2-150200.11.25.1 | 3.4.2-150200.11.25.1 | Jan 12, 2023 | A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an app | ||
| CVE-2022-3109 | — | < 3.4.2-150200.11.20.1 | 3.4.2-150200.11.20.1 | Dec 16, 2022 | An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | ||
| CVE-2019-13390 | — | < 3.4.2-150200.11.25.1 | 3.4.2-150200.11.25.1 | Jul 7, 2019 | In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c. |
- CVE-2022-48434Mar 29, 2023affected < 3.4.2-150200.11.28.1fixed 3.4.2-150200.11.28.1
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-vid
- CVE-2022-3341Jan 12, 2023affected < 3.4.2-150200.11.25.1fixed 3.4.2-150200.11.25.1
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an app
- CVE-2022-3109Dec 16, 2022affected < 3.4.2-150200.11.20.1fixed 3.4.2-150200.11.20.1
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
- CVE-2019-13390Jul 7, 2019affected < 3.4.2-150200.11.25.1fixed 3.4.2-150200.11.25.1
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.