Bugzilla – Bug 1203441
VUL-0: CVE-2022-2566: ffmpeg-5: integer overflow in build_open_gop_key_points() leads to out of bounds read
Last modified: 2022-09-15 09:15:02 UTC
ffmpeg (<?)=5.1.1 has an out of bounds read vulnerability.
Sultan caught this before MITRE's made this public, so
all we really have to go on is the commit message:
"avformat/mov: Check count sums in build_open_gop_key_points()
Fixes: Out of array access
As far as I can tell, this only affects ffmpeg-5 in Factory (not ffmpeg or ffmpeg-4).