user/ffmpeg: multiple vulnerabilities
Bugzilla ID | 331 |
Alias(es) | CVE-2020-13904, CVE-2020-14212 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2020-07-09 14:16:44 -0500 |
Modified | 2020-07-29 16:30:59 -0500 |
Status | IN_PROGRESS |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Package(s) | user/ffmpeg |
Description
CVE-2020-13904: https://nvd.nist.gov/vuln/detail/CVE-2020-13904
FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an
m3u8 file because parse_playlist in libavformat/hls.c frees a pointer,
and later that pointer is accessed in av_probe_input_format3 in
libavformat/format.c.
Unreleased fix: https://github.com/FFmpeg/FFmpeg/commit/9dfb19baeb86a8bb02c53a441682c6e9a6e104cc