CVE-2020-12284
N/A
N/A
Summary
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734
- https://www.debian.org/security/2020/dsa-4722
- https://usn.ubuntu.com/4431-1/
- https://security.gentoo.org/glsa/202007-58
- https://github.com/FFmpeg/FFmpeg/commit/a3a3730b5456ca00587455004d40c047f7b20a99
References
- https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734
- https://www.debian.org/security/2020/dsa-4722
- https://usn.ubuntu.com/4431-1/
- https://security.gentoo.org/glsa/202007-58
- https://github.com/FFmpeg/FFmpeg/commit/a3a3730b5456ca00587455004d40c047f7b20a99
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.