 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2021.0495 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2021-0495) |
| Zusammenfassung: | The remote host is missing an update for the 'ffmpeg' package(s) announced via the MGASA-2021-0495 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'ffmpeg' package(s) announced via the MGASA-2021-0495 advisory. Vulnerability Insight: FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. (CVE-2020-20446) FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service. (CVE-2020-20450) FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service. (CVE-2020-20453) Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service. (CVE-2020-21041) Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code. (CVE-2020-22015) Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22019) Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22021) A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. (CVE-2020-22033) A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c. (CVE-2020-22037) A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c. (CVE-2020-22038) A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory leak in the link_filter_inouts function in libavfilter/graphparser.c. (CVE-2020-22042) libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868. (CVE-2021-38114) adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. (CVE-2021-38171) FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. (CVE-2021-38291) Affected Software/OS: 'ffmpeg' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-20446 Debian Security Information: DSA-4990 (Google Search) https://www.debian.org/security/2021/dsa-4990 Debian Security Information: DSA-4998 (Google Search) https://www.debian.org/security/2021/dsa-4998 https://trac.ffmpeg.org/ticket/7995 https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2020-20450 https://trac.ffmpeg.org/ticket/7993 Common Vulnerability Exposure (CVE) ID: CVE-2020-20453 https://trac.ffmpeg.org/ticket/8003 Common Vulnerability Exposure (CVE) ID: CVE-2020-21041 https://trac.ffmpeg.org/ticket/7989 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html Common Vulnerability Exposure (CVE) ID: CVE-2020-22015 https://trac.ffmpeg.org/ticket/8190 Common Vulnerability Exposure (CVE) ID: CVE-2020-22019 https://trac.ffmpeg.org/ticket/8241 Common Vulnerability Exposure (CVE) ID: CVE-2020-22021 https://trac.ffmpeg.org/ticket/8240 Common Vulnerability Exposure (CVE) ID: CVE-2020-22033 https://cwe.mitre.org/data/definitions/122.html https://trac.ffmpeg.org/ticket/8246 Common Vulnerability Exposure (CVE) ID: CVE-2020-22037 https://trac.ffmpeg.org/ticket/8281 Common Vulnerability Exposure (CVE) ID: CVE-2020-22038 https://trac.ffmpeg.org/ticket/8285 Common Vulnerability Exposure (CVE) ID: CVE-2020-22042 https://trac.ffmpeg.org/ticket/8267 Common Vulnerability Exposure (CVE) ID: CVE-2021-38114 https://github.com/FFmpeg/FFmpeg/commit/7150f9575671f898382c370acae35f9087a30ba1 https://patchwork.ffmpeg.org/project/ffmpeg/patch/PAXP193MB12624C21AE412BE95BA4D4A4B6F09@PAXP193MB1262.EURP193.PROD.OUTLOOK.COM/ Common Vulnerability Exposure (CVE) ID: CVE-2021-38171 https://security.gentoo.org/glsa/202312-14 https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6 https://patchwork.ffmpeg.org/project/ffmpeg/patch/AS8P193MB12542A86E22F8207EC971930B6F19@AS8P193MB1254.EURP193.PROD.OUTLOOK.COM/ Common Vulnerability Exposure (CVE) ID: CVE-2021-38291 https://trac.ffmpeg.org/ticket/9312 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |