Another vulnerability was found in ffmpeg. The problem is related to memory allocation. The function XVID_ENC_GetCodecs() of the file libavcodec/xvidvfw.c of the component XviD encoder may lead to memory corruption. The attack is possible to execute locally. The name of the patch is f5d5c5b5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-234743.

Another vulnerability was found in ffmpeg. The problem is related to memory allocation. The function XVID_ENC_GetCodecs() of the file libavcodec/xvidvfw.c of the component XviD encoder may lead to memory corruption. The attack is possible to execute locally. The name of the patch is f5d5c5b5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-234743. A critical vulnerability was found in ffmpeg. The code of the function XVID_ENC_CreateCodecs() of the file libavcodec/xvidvfw.c of the component XviD encoder may lead to NULL pointer dereference. The attack may be executed remotely. The name of the patch is 1d8d8ee55. It is recommended to apply a patch to fix this issue. The identifier of

How to check if FFmpeg is vulnerable?

The vulnerability has been patched. FFmpeg is not vulnerable to this issue.

Timeline

Published on: 11/13/2022 08:15:00 UTC
Last modified on: 11/17/2022 20:56:00 UTC

References