Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

161 – 170 of 479 results


CVE-2018-13303

Low priority
Needs evaluation

In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4,...

11 affected packages

chromium-browser, ffmpeg, gst-libav1.0, gstreamer0.10-ffmpeg, kino...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Ignored Ignored Ignored Ignored Ignored
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release Not in release
kino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show all 11 packages Show less packages

CVE-2018-13302

Medium priority

Some fixes available 15 of 95

In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while...

11 affected packages

chromium-browser, ffmpeg, gst-libav1.0, gstreamer0.10-ffmpeg, kino...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Ignored Ignored Ignored Ignored Ignored
ffmpeg Fixed Fixed Fixed Fixed Fixed
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release Not in release
kino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show all 11 packages Show less packages

CVE-2018-13301

Low priority
Needs evaluation

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to...

10 affected packages

chromium-browser, ffmpeg, gst-libav1.0, gstreamer0.10-ffmpeg, libav...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Ignored Ignored Ignored Ignored Ignored
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release Not in release
libav Not in release Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show all 10 packages Show less packages

CVE-2018-13300

Medium priority

Some fixes available 14 of 94

In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI...

11 affected packages

chromium-browser, ffmpeg, gst-libav1.0, gstreamer0.10-ffmpeg, kino...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Ignored Ignored Ignored Ignored Ignored
ffmpeg Fixed Fixed Fixed Fixed Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release Not in release
kino Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show all 11 packages Show less packages

CVE-2018-12460

Low priority
Ignored

libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected
Show less packages

CVE-2018-12459

Low priority
Ignored

An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected
Show less packages

CVE-2018-12458

Low priority

Some fixes available 2 of 3

An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Fixed Fixed
Show less packages

CVE-2018-7751

Medium priority

Some fixes available 1 of 54

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

8 affected packages

ffmpeg, gst-libav1.0, libav, mplayer, mythtv...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Fixed Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release Ignored
vice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vlc Not affected Not affected Not affected Not affected Not affected
Show all 8 packages Show less packages

CVE-2018-10001

Low priority

Some fixes available 1 of 2

The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Fixed Not affected
libav Not in release Not in release
Show less packages

CVE-2018-9841

Medium priority

Some fixes available 1 of 2

The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Fixed Not affected
libav Not in release Not in release
Show less packages