Bugzilla – Bug 1190734
VUL-0: CVE-2021-38093: ffmpeg: Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c
Last modified: 2023-01-02 14:23:44 UTC
CVE-2021-38093 Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38093 https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/99f8d32129dd233d4eb2efa44678a0bc44869f23 https://trac.ffmpeg.org/ticket/8263
See bsc#1190735 for details as it has the same git commit.
SUSE-SU-2021:3521-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1186756,1187852,1189166,1190718,1190719,1190722,1190723,1190726,1190729,1190733,1190734,1190735 CVE References: CVE-2020-20891,CVE-2020-20892,CVE-2020-20895,CVE-2020-20896,CVE-2020-20899,CVE-2020-20902,CVE-2020-22037,CVE-2020-35965,CVE-2021-3566,CVE-2021-38092,CVE-2021-38093,CVE-2021-38094 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP3 (src): ffmpeg-3.4.2-11.17.1 SUSE Linux Enterprise Workstation Extension 15-SP2 (src): ffmpeg-3.4.2-11.17.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src): ffmpeg-3.4.2-11.17.1 SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 (src): ffmpeg-3.4.2-11.17.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): ffmpeg-3.4.2-11.17.1 SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src): ffmpeg-3.4.2-11.17.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:3521-1: An update that fixes 12 vulnerabilities is now available. Category: security (moderate) Bug References: 1186756,1187852,1189166,1190718,1190719,1190722,1190723,1190726,1190729,1190733,1190734,1190735 CVE References: CVE-2020-20891,CVE-2020-20892,CVE-2020-20895,CVE-2020-20896,CVE-2020-20899,CVE-2020-20902,CVE-2020-22037,CVE-2020-35965,CVE-2021-3566,CVE-2021-38092,CVE-2021-38093,CVE-2021-38094 JIRA References: Sources used: openSUSE Leap 15.3 (src): ffmpeg-3.4.2-11.17.1
Done.
SUSE-SU-2023:0005-1: An update that fixes 14 vulnerabilities is now available. Category: security (important) Bug References: 1186756,1186761,1187852,1189166,1190718,1190719,1190722,1190723,1190726,1190729,1190733,1190734,1190735,1206442 CVE References: CVE-2020-20891,CVE-2020-20892,CVE-2020-20895,CVE-2020-20896,CVE-2020-20899,CVE-2020-20902,CVE-2020-22037,CVE-2020-22042,CVE-2020-35965,CVE-2021-3566,CVE-2021-38092,CVE-2021-38093,CVE-2021-38094,CVE-2022-3109 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15-SP1 (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise Server for SAP 15 (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise Server 15-LTSS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): ffmpeg-3.4.2-150000.4.44.1 SUSE Enterprise Storage 6 (src): ffmpeg-3.4.2-150000.4.44.1 SUSE CaaS Platform 4.0 (src): ffmpeg-3.4.2-150000.4.44.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.