Bugzilla – Bug 1209934
VUL-0: CVE-2022-48434: ffmpeg-4,ffmpeg: Use after free in libavcodec/pthread_frame.c
Last modified: 2024-05-06 08:52:35 UTC
CVE-2022-48434 libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-48434 https://bugzilla.redhat.com/show_bug.cgi?id=2182839 https://www.cve.org/CVERecord?id=CVE-2022-48434 https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cc867f2c09d2b69cee8a0eccd62aff002cbbfe11 https://news.ycombinator.com/item?id=35356201 https://wrv.github.io/h26forge.pdf
I assume Alynx would be able to get into it.
SRs are accepted
SUSE-SU-2023:2087-1: An update that solves one vulnerability and has one fix can now be installed. Category: security (important) Bug References: 1206067, 1209934 CVE References: CVE-2022-48434 Sources used: openSUSE Leap 15.4 (src): ffmpeg-4-4.4-150400.3.15.1 Desktop Applications Module 15-SP4 (src): ffmpeg-4-4.4-150400.3.15.1 SUSE Package Hub 15 15-SP4 (src): ffmpeg-4-4.4-150400.3.15.1 SUSE Linux Enterprise Workstation Extension 15 SP4 (src): ffmpeg-4-4.4-150400.3.15.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2108-1: An update that solves one vulnerability can now be installed. Category: security (important) Bug References: 1209934 CVE References: CVE-2022-48434 Sources used: openSUSE Leap 15.4 (src): ffmpeg-3.4.2-150200.11.28.1 Desktop Applications Module 15-SP4 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Package Hub 15 15-SP4 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Real Time 15 SP3 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Linux Enterprise Workstation Extension 15 SP4 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Enterprise Storage 7.1 (src): ffmpeg-3.4.2-150200.11.28.1 SUSE Enterprise Storage 7 (src): ffmpeg-3.4.2-150200.11.28.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:2115-1: An update that solves three vulnerabilities can now be installed. Category: security (important) Bug References: 1140754, 1206778, 1209934 CVE References: CVE-2019-13390, CVE-2022-3341, CVE-2022-48434 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): ffmpeg-3.4.2-150000.4.53.2 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): ffmpeg-3.4.2-150000.4.53.2 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): ffmpeg-3.4.2-150000.4.53.2 SUSE Enterprise Storage 6 (src): ffmpeg-3.4.2-150000.4.53.2 SUSE CaaS Platform 4.0 (src): ffmpeg-3.4.2-150000.4.53.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done, closing