usn-6803-1
Vulnerability from osv_ubuntu
Published
2024-05-30 15:53
Modified
2026-06-25 10:46
Summary
ffmpeg vulnerabilities
Details

Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-49501)

Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-49502)

Zhang Ling and Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-49528)

Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-50007)

Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2023-50008)

Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2023-50009)

Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-50010)

Zeng Yunxiang and Li Zeyuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51793)

Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51794, CVE-2023-51798)

Zeng Yunxiang discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2023-51795, CVE-2023-51796)

It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31578)

It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31582)

It was discovered that discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 23.10. (CVE-2024-31585)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-50010",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "ffmpeg",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libav-tools",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavcodec-extra",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavcodec-ffmpeg-extra56",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavcodec-ffmpeg56",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavdevice-ffmpeg56",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavfilter-ffmpeg5",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavformat-ffmpeg56",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavresample-ffmpeg2",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libavutil-ffmpeg54",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libpostproc-ffmpeg53",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libswresample-ffmpeg1",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          },
          {
            "binary_name": "libswscale-ffmpeg3",
            "binary_version": "7:2.8.17-0ubuntu0.1+esm7"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "ffmpeg",
        "purl": "pkg:deb/ubuntu/ffmpeg@7:2.8.17-0ubuntu0.1+esm7?arch=source\u0026distro=esm-apps/xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7:2.8.17-0ubuntu0.1+esm7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "7:2.7.2-1build1",
        "7:2.8.1-1ubuntu1",
        "7:2.8.2-1ubuntu1",
        "7:2.8.3-1",
        "7:2.8.4-1",
        "7:2.8.4-1ubuntu1",
        "7:2.8.4-1ubuntu2",
        "7:2.8.4-1ubuntu3",
        "7:2.8.4-1ubuntu4",
        "7:2.8.6-1ubuntu1",
        "7:2.8.6-1ubuntu2",
        "7:2.8.8-0ubuntu0.16.04.1",
        "7:2.8.10-0ubuntu0.16.04.1",
        "7:2.8.11-0ubuntu0.16.04.1",
        "7:2.8.14-0ubuntu0.16.04.1",
        "7:2.8.15-0ubuntu0.16.04.1",
        "7:2.8.15-0ubuntu0.16.04.1+esm1",
        "7:2.8.17-0ubuntu0.1",
        "7:2.8.17-0ubuntu0.1+esm1",
        "7:2.8.17-0ubuntu0.1+esm2",
        "7:2.8.17-0ubuntu0.1+esm3",
        "7:2.8.17-0ubuntu0.1+esm4",
        "7:2.8.17-0ubuntu0.1+esm5",
        "7:2.8.17-0ubuntu0.1+esm6"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-49502",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-50010",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51794",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51798",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31578",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "ffmpeg",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec-extra",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec-extra57",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec57",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavdevice57",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter-extra",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter-extra6",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter6",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavformat57",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavresample3",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavutil55",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libpostproc54",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libswresample2",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libswscale4",
            "binary_version": "7:3.4.11-0ubuntu0.1+esm5"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "ffmpeg",
        "purl": "pkg:deb/ubuntu/ffmpeg@7:3.4.11-0ubuntu0.1+esm5?arch=source\u0026distro=esm-apps/bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7:3.4.11-0ubuntu0.1+esm5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "7:3.3.4-2",
        "7:3.3.4-2build3",
        "7:3.4-2ubuntu2",
        "7:3.4-4",
        "7:3.4-4build1",
        "7:3.4.1-1",
        "7:3.4.1-1build1",
        "7:3.4.2-1",
        "7:3.4.2-1build1",
        "7:3.4.2-2",
        "7:3.4.4-0ubuntu0.18.04.1",
        "7:3.4.6-0ubuntu0.18.04.1",
        "7:3.4.8-0ubuntu0.2",
        "7:3.4.11-0ubuntu0.1",
        "7:3.4.11-0ubuntu0.1+esm1",
        "7:3.4.11-0ubuntu0.1+esm2",
        "7:3.4.11-0ubuntu0.1+esm3",
        "7:3.4.11-0ubuntu0.1+esm4"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-49502",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-50010",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51794",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51798",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31578",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "ffmpeg",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec-extra",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec-extra58",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavcodec58",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavdevice58",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter-extra",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter-extra7",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavfilter7",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavformat58",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavresample4",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libavutil56",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libpostproc55",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libswresample3",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          },
          {
            "binary_name": "libswscale5",
            "binary_version": "7:4.2.7-0ubuntu0.1+esm5"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:20.04:LTS",
        "name": "ffmpeg",
        "purl": "pkg:deb/ubuntu/ffmpeg@7:4.2.7-0ubuntu0.1+esm5?arch=source\u0026distro=esm-apps/focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7:4.2.7-0ubuntu0.1+esm5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "7:4.1.4-1build2",
        "7:4.2.1-2",
        "7:4.2.1-2ubuntu1",
        "7:4.2.2-1build1",
        "7:4.2.2-1ubuntu1",
        "7:4.2.4-1ubuntu0.1",
        "7:4.2.4-1ubuntu0.1+esm1",
        "7:4.2.7-0ubuntu0.1",
        "7:4.2.7-0ubuntu0.1+esm1",
        "7:4.2.7-0ubuntu0.1+esm2",
        "7:4.2.7-0ubuntu0.1+esm3",
        "7:4.2.7-0ubuntu0.1+esm4"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-49502",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-50010",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51793",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51794",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-51798",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31578",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "ffmpeg",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavcodec-extra",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavcodec-extra58",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavcodec58",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavdevice58",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavfilter-extra",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavfilter-extra7",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavfilter7",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavformat-extra",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavformat-extra58",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavformat58",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libavutil56",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libpostproc55",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libswresample3",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          },
          {
            "binary_name": "libswscale5",
            "binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm4"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:22.04:LTS",
        "name": "ffmpeg",
        "purl": "pkg:deb/ubuntu/ffmpeg@7:4.4.2-0ubuntu0.22.04.1+esm4?arch=source\u0026distro=esm-apps/jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7:4.4.2-0ubuntu0.22.04.1+esm4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "7:4.4-6ubuntu5",
        "7:4.4.1-2ubuntu1",
        "7:4.4.1-3ubuntu1",
        "7:4.4.1-3ubuntu2",
        "7:4.4.1-3ubuntu3",
        "7:4.4.1-3ubuntu5",
        "7:4.4.2-0ubuntu0.22.04.1",
        "7:4.4.2-0ubuntu0.22.04.1+esm1",
        "7:4.4.2-0ubuntu0.22.04.1+esm2",
        "7:4.4.2-0ubuntu0.22.04.1+esm3"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-49501",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-49502",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-49528",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-50007",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-50008",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31578",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31582",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:24.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "ffmpeg",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavcodec-extra",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavcodec-extra60",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavcodec60",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavdevice60",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavfilter-extra",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavfilter-extra9",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavfilter9",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavformat-extra",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavformat-extra60",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavformat60",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libavutil58",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libpostproc57",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libswresample4",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          },
          {
            "binary_name": "libswscale7",
            "binary_version": "7:6.1.1-3ubuntu5+esm1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:24.04:LTS",
        "name": "ffmpeg",
        "purl": "pkg:deb/ubuntu/ffmpeg@7:6.1.1-3ubuntu5+esm1?arch=source\u0026distro=esm-apps/noble"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7:6.1.1-3ubuntu5+esm1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "7:6.0-6ubuntu1",
        "7:6.0-9ubuntu1",
        "7:6.1-2ubuntu1",
        "7:6.1-3ubuntu1",
        "7:6.1-4ubuntu1",
        "7:6.1-5ubuntu1",
        "7:6.1.1-1ubuntu1",
        "7:6.1.1-3ubuntu1",
        "7:6.1.1-3ubuntu5"
      ]
    }
  ],
  "aliases": [],
  "details": "Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled\ncertain input files. An attacker could possibly use this issue to cause\nFFmpeg to crash, resulting in a denial of service, or potential arbitrary\ncode execution. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-49501)\n\nZeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled\ncertain input files. An attacker could possibly use this issue to cause\nFFmpeg to crash, resulting in a denial of service, or potential arbitrary\ncode execution. This issue only affected Ubuntu 18.04 LTS,\nUbuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.\n(CVE-2023-49502)\n\nZhang Ling and Zeng Yunxiang discovered that FFmpeg incorrectly handled\ncertain input files. An attacker could possibly use this issue to cause\nFFmpeg to crash, resulting in a denial of service, or potential arbitrary\ncode execution. This issue only affected Ubuntu 23.10 and\nUbuntu 24.04 LTS. (CVE-2023-49528)\n\nZeng Yunxiang discovered that FFmpeg incorrectly handled certain input\nfiles. An attacker could possibly use this issue to cause FFmpeg to crash,\nresulting in a denial of service, or potential arbitrary code execution.\nThis issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS.\n(CVE-2023-50007)\n\nZeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled\ncertain input files. An attacker could possibly use this issue to cause\nFFmpeg to crash, resulting in a denial of service, or potential arbitrary\ncode execution. This issue only affected Ubuntu 23.10 and\nUbuntu 24.04 LTS. (CVE-2023-50008)\n\nZeng Yunxiang discovered that FFmpeg incorrectly handled certain input\nfiles. An attacker could possibly use this issue to cause FFmpeg to crash,\nresulting in a denial of service, or potential arbitrary code execution.\nThis issue only affected Ubuntu 23.10. (CVE-2023-50009)\n\nZeng Yunxiang discovered that FFmpeg incorrectly handled certain input\nfiles. An attacker could possibly use this issue to cause FFmpeg to crash,\nresulting in a denial of service, or potential arbitrary code execution.\nThis issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,\nUbuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-50010)\n\nZeng Yunxiang and Li Zeyuan discovered that FFmpeg incorrectly handled\ncertain input files. An attacker could possibly use this issue to cause\nFFmpeg to crash, resulting in a denial of service, or potential arbitrary\ncode execution. This issue only affected Ubuntu 22.04 LTS and\nUbuntu 23.10. (CVE-2023-51793)\n\nZeng Yunxiang discovered that FFmpeg incorrectly handled certain input\nfiles. An attacker could possibly use this issue to cause FFmpeg to crash,\nresulting in a denial of service, or potential arbitrary code execution.\nThis issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,\nUbuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51794, CVE-2023-51798)\n\nZeng Yunxiang discovered that FFmpeg incorrectly handled certain input\nfiles. An attacker could possibly use this issue to cause FFmpeg to crash,\nresulting in a denial of service, or potential arbitrary code execution.\nThis issue only affected Ubuntu 23.10. (CVE-2023-51795, CVE-2023-51796)\n\nIt was discovered that discovered that FFmpeg incorrectly handled certain\ninput files. An attacker could possibly use this issue to cause FFmpeg to\ncrash, resulting in a denial of service, or potential arbitrary code\nexecution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,\nUbuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31578)\n\nIt was discovered that discovered that FFmpeg incorrectly handled certain\ninput files. An attacker could possibly use this issue to cause FFmpeg to\ncrash, resulting in a denial of service, or potential arbitrary code\nexecution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS.\n(CVE-2024-31582)\n\nIt was discovered that discovered that FFmpeg incorrectly handled certain\ninput files. An attacker could possibly use this issue to cause FFmpeg to\ncrash, resulting in a denial of service, or potential arbitrary code\nexecution. This issue only affected Ubuntu 23.10. (CVE-2024-31585)\n",
  "id": "USN-6803-1",
  "modified": "2026-06-25T10:46:21Z",
  "published": "2024-05-30T15:53:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6803-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-49501"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-49502"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-49528"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-50007"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-50008"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-50009"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-50010"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-51793"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-51794"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-51795"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-51796"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-51798"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-31578"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-31582"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-31585"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "ffmpeg vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2023-49501",
    "UBUNTU-CVE-2023-49502",
    "UBUNTU-CVE-2023-49528",
    "UBUNTU-CVE-2023-50007",
    "UBUNTU-CVE-2023-50008",
    "UBUNTU-CVE-2023-50009",
    "UBUNTU-CVE-2023-50010",
    "UBUNTU-CVE-2023-51793",
    "UBUNTU-CVE-2023-51794",
    "UBUNTU-CVE-2023-51795",
    "UBUNTU-CVE-2023-51796",
    "UBUNTU-CVE-2023-51798",
    "UBUNTU-CVE-2024-31578",
    "UBUNTU-CVE-2024-31582",
    "UBUNTU-CVE-2024-31585"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…