Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

openSUSE Leap 16.0 ffmpeg-7 Moderate Integer Overflow Vuln 2026-21211-1

opensuse
Calendar Grey July 3, 2026
Dist Opensuse Esm H88
A new security advisory for openSUSE's ffmpeg-7 address moderate severity vulnerabilities identified with integer overflow risks.
An update that solves 7 vulnerabilities and has 6 bug fixes can now be installed.

Description

This update for ffmpeg-7 fixes the following issues

- CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow (bsc#1262237).

Changes for ffmpeg-7:

- Update to version 7.1.4:

* Codec, format, filter and various other bugfixes.

* lavc/aarch64: Fix addp overflow in ff_pred16x16_plane_neon_10

* swscale/output: Fix integer overflow in yuv2ya16_X_c_template()

* avformat/avformat: clear FFFormatContext packet queue when

closing a muxer

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-1137=1

Patch

Package List

- openSUSE Leap 16.0:

ffmpeg-7-7.1.4-160000.1.1

ffmpeg-7-libavcodec-devel-7.1.4-160000.1.1

ffmpeg-7-libavdevice-devel-7.1.4-160000.1.1

ffmpeg-7-libavfilter-devel-7.1.4-160000.1.1

ffmpeg-7-libavformat-devel-7.1.4-160000.1.1

ffmpeg-7-libavutil-devel-7.1.4-160000.1.1

ffmpeg-7-libpostproc-devel-7.1.4-160000.1.1

ffmpeg-7-libswresample-devel-7.1.4-160000.1.1

ffmpeg-7-libswscale-devel-7.1.4-160000.1.1

libavcodec61-7.1.4-160000.1.1

libavdevice61-7.1.4-160000.1.1

libavfilter10-7.1.4-160000.1.1

libavformat61-7.1.4-160000.1.1

libavutil59-7.1.4-160000.1.1

libpostproc58-7.1.4-160000.1.1

libswresample5-7.1.4-160000.1.1

libswscale8-7.1.4-160000.1.1

References

* bsc#1220545

* bsc#1234030

* bsc#1237561

* bsc#1249393

* bsc#1249431

* bsc#1262237

References:

* https://www.suse.com/security/cve/CVE-2023-6601.html

* https://www.suse.com/security/cve/CVE-2024-35366.html

* https://www.suse.com/security/cve/CVE-2025-10256.html

* https://www.suse.com/security/cve/CVE-2025-1594.html

* https://www.suse.com/security/cve/CVE-2025-25473.html

* https://www.suse.com/security/cve/CVE-2025-9951.html

* https://www.suse.com/security/cve/CVE-2026-40962.html

Severity
moderate
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21211-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here