CVE-2015-5479

Priority
Medium
Description
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before
11.5 allows remote attackers to cause a denial of service (divide-by-zero
error and application crash) via a file with crafted dimensions.
References
Package
Source: libav (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [4:0.8.17-0ubuntu0.12.04.2])
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 17.10 (Artful Aardvark):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
Upstream:https://git.libav.org/?p=libav.git;a=commitdiff;h=0a49a62f998747cfa564d98d36a459fe70d3299b
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (7:2.8.3-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (7:2.8.3-1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (7:2.8.3-1)
More Information

Updated: 2018-04-28 06:18:05 UTC (commit 14638)