SUSE: 2025:0862-1 important: ffmpeg-4 Security Advisory Updates

March 14, 2025
SUSE's ffmpeg-4 security advisory addresses multiple issues to enhance overall system security.

Summary

This update for ffmpeg-4 fixes the following issues:

* CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c (bsc#1237382).

* CVE-2025-25473: Fixed memory leak in avformat_free_context() (bsc#1237351).

* CVE-2025-0518: Fixed unchecked sscanf return value which leads to memory data leak (bsc#1236007).

* CVE-2025-22919: Fixed denial of service (DoS) via opening a crafted AAC file (bsc#1237371).

* CVE-2024-12361: Fixed NULL Pointer Dereference (bsc#1237358).

* CVE-2024-35368: Fixed Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c (bsc#1234028).

* CVE-2024-36613: Fixed Integer overflow in ffmpeg (bsc#1235092).

* CVE-2023-50010: Fixed arbitrary code execution via the set_encoder_id

References

* bsc#1202848

* bsc#1215945

* bsc#1223070

* bsc#1223235

* bsc#1223256

* bsc#1223272

* bsc#1223304

* bsc#1223437

* bsc#1227296

* bsc#1229026

* bsc#1229338

* bsc#1234028

* bsc#1235092

* bsc#1236007

* bsc#1237351

* bsc#1237358

* bsc#1237371

* bsc#1237382

Cross-References

* CVE-2023-49502

* CVE-2023-50010

* CVE-2023-51793

* CVE-2023-51794

* CVE-2023-51798

* CVE-2024-12361

* CVE-2024-31578

* CVE-2024-32230

* CVE-2024-35368

* CVE-2024-36613

* CVE-2024-7055

* CVE-2025-0518

* CVE-2025-22919

* CVE-2025-22921

* CVE-2025-25473

CVSS scores:

* CVE-2023-49502 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2023-50010 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

* CVE-2023-51793 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important

Announcement ID: SUSE-SU-2025:0862-1
Release Date: 2025-03-14T08:45:39Z
Rating: important
