CVE-2017-7208

Priority
Description
The decode_residual function in libavcodec in libav 9.21 allows remote
attackers to cause a denial of service (buffer over-read) or obtain
sensitive information from process memory via a crafted h264 video file.
Ubuntu-Description
It was discovered that FFmpeg incorrectly handled certain h264 video files. If
a user were tricked into opening a crafted multimedia file, an attacker could
cause a denial of service via application crash or obtain sensitive information
from process memory.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan):needed
Package
Source: libav (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
More Information

Updated: 2019-09-19 14:40:26 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)