CVE-2017-7865 ffmpeg

Metadata

high
7.5
ffmpeg
CVE-2017-7865
2017-06-18 07:51
CVE-2017-7865 libav
CVE-2017-7865
2017-06-16 19:22
2017-04-21 05:03
2017-04-15 05:03
2017-04-14 15:03

Description

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster ffmpeg 7:3.2.4-1
sid ffmpeg 7:3.2.4-1
stretch ffmpeg 7:3.2.4-1