Bugzilla – Bug 1223253
VUL-0: CVE-2023-50007: ffmpeg,ffmpeg-4: arbitrary code execution via the av_samples_set_silence function in the libavutil/samplefmt.c
Last modified: 2024-05-17 17:41:34 UTC
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_samples_set_silence function in the libavutil/samplefmt.c:260:9 component.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50007
https://www.cve.org/CVERecord?id=CVE-2023-50007
https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47
https://trac.ffmpeg.org/ticket/10700
https://bugzilla.redhat.com/show_bug.cgi?id=2276128
Considering that the fixing commit for this issue is commit b1942734 [0], it would seem like no FFmpeg version before version 5.0 can be fixed, as file 'libavfilter/af_afwtdn.c' was only added to the FFmpeg code at this version. Changes from commit 6846d48f [1] are the ones that add the afwtdn filter functionality. If the root cause of the vulnerability is indeed located in this part of the code only, then FFmpeg before 5.0 is not vulnerable to CVE-2023-50007.

Considering that the upstream ticket [2] has been closed and no other commits are referenced by the only provided fixing commit in the CVE references, it is possible that there will be no other fixes other than the one applied to 'libavfilter/af_afwtdn.c'.

[0] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47
[1] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/6846d48fa64d077c0b5e7786d4a9d49a3d81025d
[2] https://trac.ffmpeg.org/ticket/10700
This is an autogenerated message for OBS integration: This bug (1223253) was mentioned in https://build.opensuse.org/request/show/1170119 Factory / ffmpeg-6
This is an autogenerated message for OBS integration: This bug (1223253) was mentioned in https://build.opensuse.org/request/show/1170214 Factory / ffmpeg-5