Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

Ubuntu 16.04: FFmpeg Important Denial Of Service Crash USN-7890-1

ubuntu
Calendar Grey November 27, 2025
Dist Ubuntu Esm H88
FFmpeg in Ubuntu 16.04 LTS could crash from a crafted file, necessitating an urgent update. Secure your systems now!
FFmpeg could be made to crash if it opened a specially crafted file.

Summary

FFmpeg could be made to crash if it opened a specially crafted file.

Software Description:

- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

It was discovered that FFmpeg did not properly handle the parsing of

certain malformed HLS playlists. If a user were tricked into opening a

specially crafted HLS playlist, an attacker could possibly use this issue

to cause FFmpeg to crash, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  ffmpeg                          7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavcodec-ffmpeg-extra56       7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavcodec-ffmpeg56             7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavdevice-ffmpeg56            7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavfilter-ffmpeg5             7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavformat-ffmpeg56            7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro
  libavutil-ffmpeg54              7:2.8.17-0ubuntu0.1+esm13
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7890-1

CVE-2023-6603

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7890-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here