CVE-2017-7859

Metadata

high
7.5
ffmpeg
CVE-2017-7859
cve.mitre.org, bugs.chromium.org
2017-04-14
2017-10-23 14:19
CVE-2017-7859 ffmpeg
2017-07-20 21:31
2017-06-16 19:22
2017-05-10 23:49
2017-04-15 05:03

Description

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

None

Unaffected

Release Package Reason
precise ffmpeg DNE
precise/esm ffmpeg DNE
trusty ffmpeg DNE
vivid/stable-phone-overlay ffmpeg DNE
vivid/ubuntu-core ffmpeg DNE
yakkety ffmpeg ignored

Needs Triage

Release Package Reason
upstream ffmpeg needs-triage
xenial ffmpeg needs-triage
zesty ffmpeg needs-triage
artful ffmpeg needs-triage
devel ffmpeg needs-triage