Bugzilla – Bug 1180519
VUL-0: CVE-2020-35964: ffmpeg, ffmpeg-4: track_header in libavformat/vividas.c has an out-of-bounds write because of incorrect extradata packing.
Last modified: 2021-09-11 02:39:55 UTC
CVE-2020-35964 track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35964 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35964 https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
only affects ffmpeg-4, ffmpeg not affected
no official maintainer, assigning to Bjørn because he did the last version update. Please reassign if this is wrong.
Assigning to maintainer(s) - adding to cc list
This is an autogenerated message for OBS integration: This bug (1180519) was mentioned in https://build.opensuse.org/request/show/869852 Factory / ffmpeg-4
This is an autogenerated message for OBS integration: This bug (1180519) was mentioned in https://build.opensuse.org/request/show/870496 Factory / ffmpeg-4
Submission accepted.