Alerts This Week
Warning Icon 1 625
Alerts This Week
Warning Icon 1 625

SUSE ffmpeg Important Security Fix for Multiple Vulnerabilities 2026-2444-1

suse
Calendar Grey June 18, 2026
Dist Suse Esm H88
Install a crucial security update for ffmpeg-4 on SUSE to resolve multiple critical issues affecting system performance.
An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: * CVE-2023-6601: HLS Unsafe File Extension Bypass (bsc#1220545). * CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the i (bsc#1234030). * CVE-2025-1594: stack-based buffer overflow in function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder (bsc#1237561). * CVE-2025-9951: heap-based buffer overflow in jpeg2000dec (bsc#1249393). * CVE-2025-10256: NULL pointer dereference in Firequalizer filter (bsc#1249431). * CVE-2025-63757: accumulation of filtered pixel values can lead to an integer

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE important integer overflow ffmpeg

References

* bsc#1220545

* bsc#1234030

* bsc#1237561

* bsc#1249393

* bsc#1249431

* bsc#1255392

* bsc#1262047

* bsc#1262237

Cross-

* CVE-2023-6601

* CVE-2024-35366

* CVE-2024-35368

* CVE-2024-36618

* CVE-2025-10256

* CVE-2025-1594

* CVE-2025-59728

* CVE-2025-63757

* CVE-2025-9951

* CVE-2026-30997

* CVE-2026-40962

CVSS scores:

* CVE-2023-6601 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

* CVE-2023-6601 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

* CVE-2023-6601 ( NVD ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

* CVE-2024-35366 ( SUSE ): 6.9

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2024-35366 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2444-1
Release Date: 2026-06-18T08:51:46Z
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow SuSE important integer overflow ffmpeg

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here