CVE-2019-17539

Priority
Description
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL
pointer dereference and possibly unspecified other impact when there is no
valid close function pointer.
Notes
ebarrettoThis issue was caused by b1febda0619
The above commit was never integrated to 2.8.x
but for 3.4, it was both integrated and fixed in 3.4.7, so
letting bionic version marked as needed.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):released (7:3.4.8-0ubuntu0.2)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (7:4.2.1-2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (7:4.2.1-2)
Patches:
Upstream:https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c
Package
Source: libav (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
More Information

Updated: 2020-07-28 20:07:04 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)