SUSE: 2018:2305-1 Moderate: ffmpeg Security Issues Fixed
suse
August 11, 2018
An update that fixes 5 vulnerabilities is now available
Summary
This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2018-13302: Fixed out of array access issue (bsc#1100356). - CVE-2018-1999010: Fixed multiple out of array access vulnerabilities in the mms protocol that could result in accessing out of bound data via specially crafted input files (bnc#1102899) - CVE-2018-1999011: Fixed a heap buffer overflow in asf_o format demuxer that could result in remote code execution (bnc#1102689) - CVE-2018-1999012: Fixed an infinite loop vulnerability in pva format demuxer that could result in excessive amount of ressource allocation like CPU an RAM (CVE-2018-1999012 bnc#1102688). - CVE-2018-1999013: Fixed an use-after-free vulnerability in the realmedia demuxer that could allow remote attackers to read heap memory (bnc#1102687)
References
#1100356 #1102687 #1102688 #1102689 #1102899
Cross- CVE-2018-13302 CVE-2018-1999010 CVE-2018-1999011
CVE-2018-1999012 CVE-2018-1999013
Affected Products:
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Module for Desktop Applications 15
https://www.suse.com/security/cve/CVE-2018-13302.html
https://www.suse.com/security/cve/CVE-2018-1999010.html
https://www.suse.com/security/cve/CVE-2018-1999011.html
https://www.suse.com/security/cve/CVE-2018-1999012.html
https://www.suse.com/security/cve/CVE-2018-1999013.html
https://bugzilla.suse.com/1100356
https://bugzilla.suse.com/1102687
https://bugzilla.suse.com/1102688
https://bugzilla.suse.com/1102689
https://bugzilla.suse.com/1102899
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2018:2305-1
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!