CVE-2008-4866

Published: 31 October 2008

Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY.

Notes

Author	Note
mdeslaur	vulnerable code doesn't seem to exist in gutsy and hardy debian says: [etch] - ffmpeg <not-affected> (Vulnerable code not present) kino is built with --disable-local-ffmpeg, so it's not vulnerable
sbeattie	as of lucid, mplayer uses system ffmpeg rather than embedded version

Author

Note

mdeslaur

vulnerable code doesn't seem to exist in gutsy and hardy
debian says: [etch] - ffmpeg <not-affected> (Vulnerable code not present)
kino is built with --disable-local-ffmpeg, so it's not vulnerable

sbeattie

as of lucid, mplayer uses system ffmpeg rather than embedded
version

Priority

Status

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Not vulnerable (code not present)
	hardy	Not vulnerable (code not present)
	intrepid	Ignored (end of life, was needed)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	karmic	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	lucid	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	maverick	Not vulnerable (3:0.svn20090303-1ubuntu1+unstripped1)
	natty	Does not exist
	oneiric	Does not exist
	upstream	Needs triage
	Patches: upstream: http://svn.ffmpeg.org/ffmpeg/trunk/libavformat/utils.c?r1=14677&r2=14714 upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=9ea55926ccc0496af15a927d15da7a579ea4c4de upstream: http://svn.ffmpeg.org/ffmpeg/trunk/libavformat/avformat.h?r1=14667&r2=14715 upstream: http://git.ffmpeg.org/?p=ffmpeg;a=commitdiff;h=6d72f36df6550aaefa047ad466fca9979b770ab2 vendor: http://patch-tracking.debian.net/patch/series/view/ffmpeg-debian/0.svn20080206-17/050_CVE-2008-4866.patch vendor: http://patch-tracking.debian.net/patch/series/view/ffmpeg-debian/0.svn20080206-17/050_CVE-2008-4866-2.patch
ffmpeg-debian Launchpad, Ubuntu, Debian	dapper	Does not exist
	feisty	Does not exist
	gutsy	Does not exist
	hardy	Does not exist
	intrepid	Released (3:0.svn20080206-12ubuntu3.1)
	jaunty	Not vulnerable (3:0.svn20090303-1ubuntu1)
	karmic	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Needs triage
gstreamer0.10-ffmpeg Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needed)
	hardy	Not vulnerable (code not present)
	intrepid	Not vulnerable (code not present)
	jaunty	Not vulnerable (code not present)
	karmic	Not vulnerable (code not present)
	lucid	Not vulnerable (code not present)
	maverick	Not vulnerable (code not present)
	natty	Not vulnerable (code not present)
	oneiric	Not vulnerable (code not present)
	upstream	Needs triage
kino Launchpad, Ubuntu, Debian	dapper	Not vulnerable (code not present)
	gutsy	Not vulnerable (uses system ffmpeg)
	hardy	Not vulnerable (uses system ffmpeg)
	intrepid	Not vulnerable (uses system ffmpeg)
	jaunty	Not vulnerable (uses system ffmpeg)
	karmic	Not vulnerable (uses system ffmpeg)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	oneiric	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
mplayer Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Ignored (end of life, was needed)
	hardy	Ignored (end of life)
	intrepid	Ignored (end of life, was needed)
	jaunty	Ignored (end of life)
	karmic	Ignored (end of life)
	lucid	Not vulnerable (uses system ffmpeg)
	maverick	Not vulnerable (uses system ffmpeg)
	natty	Not vulnerable (uses system ffmpeg)
	oneiric	Not vulnerable (uses system ffmpeg)
	upstream	Needs triage
xmovie Launchpad, Ubuntu, Debian	dapper	Ignored (end of life)
	gutsy	Does not exist
	hardy	Does not exist
	intrepid	Does not exist
	jaunty	Does not exist
	karmic	Does not exist
	lucid	Does not exist
	maverick	Does not exist
	natty	Does not exist
	oneiric	Does not exist
	upstream	Needs triage

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›