CVE-2014-7933 (retired)

Priority
Description
Use-after-free vulnerability in the matroska_read_seek function in
libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome
before 40.0.2214.91, allows remote attackers to cause a denial of service
or possibly have unspecified other impact via a crafted Matroska file that
triggers improper maintenance of tracks data.
Package
Upstream:released (40.0.2214.91)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 LTS (Trusty Tahr):released (40.0.2214.94-0ubuntu0.14.04.1.1068)
Ubuntu 16.04 LTS (Xenial Xerus):released (40.0.2214.94-0ubuntu1.1120)
Ubuntu 18.04 LTS (Bionic Beaver):released (40.0.2214.94-0ubuntu1.1120)
Ubuntu 18.10 (Cosmic Cuttlefish):released (40.0.2214.94-0ubuntu1.1120)
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected
Patches:
Upstream:http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
Package
Source: libav (LP Ubuntu Debian)
Upstream:released (0.8.17)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [4:0.8.17-0ubuntu0.12.04.1])
Ubuntu 14.04 LTS (Trusty Tahr):released (6:9.20-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Patches:
Upstream:https://git.libav.org/?p=libav.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682
Upstream:https://git.libav.org/?p=libav.git;a=commit;h=51dd54c51aaca909893c9f90a4119e96ff71ffdf (0.8)
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (uses system ffmpeg)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected
Package
Upstream:released (1.4.2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1.4.2-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.4.2-0ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
More Information

Updated: 2019-03-26 12:13:36 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)