|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-51797: ffmpeg: buffer overflow in the showwaves_filter_frame function in libavfilter/avf_showwaves.c | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE Distribution | Reporter: | SMASH SMASH <smash_bz> |
| Component: | Other | Assignee: | Jan Engelhardt <jengelh> |
| Status: | RESOLVED INVALID | QA Contact: | Security Team bot <security-team> |
| Severity: | Major | ||
| Priority: | P5 - None | CC: | camila.matos |
| Version: | Leap 15.6 | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/402769/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2023-51797:7.8:(AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
SMASH SMASH
2024-04-22 19:34:28 UTC
No FFmpeg packages in the SLE and the openSUSE codestreams are currently affected by this issue. The changes from the fixing commit [0] only apply if the changes from commit ee664f41dbd [1] are also present. The changes from the latter were only introduced in version 6.1 of FFmpeg. openSUSE:Factory/ffmpeg-6 is not affected because it already contains the changes that fix the vulnerability. [0] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/08bd2cbfeb34717d60ec62bcbaeb7996206df906 [1] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/ee664f41dbd94d896c5b45fa0d916a0b82f22b34 Fix 08bd2cbfeb34717d60ec62bcbaeb7996206df906 is included in refs/tags/n6.1.1 as commit ea276a511a. openSUSE:Factory/ffmpeg-6 already has 6.1.1. |