ffmpeg: fix for CVE-2022-3965 - openembedded-core

diff options

author	Narpat Mali <narpat.mali@windriver.com>	2022-11-23 14:21:38 +0000
committer	Steve Sakoman <steve@sakoman.com>	2022-11-29 06:30:24 -1000
commit	81b75c0331eadc920d27f7115fa9ec99e089bb5a (patch)
tree	e33e061e6f7545980112119f9207d3b3c4a85949 /meta/recipes-multimedia/libtiff
parent	4d2eec66fb3979b9676466258a1af5321a68b237 (diff)
download	openembedded-core-81b75c0331eadc920d27f7115fa9ec99e089bb5a.tar.gz

ffmpeg: fix for CVE-2022-3965

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-3965 Upstream Fix: https://github.com/FFmpeg/FFmpeg/commit/13c13109759090b7f7182480d075e13b36ed8edd Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit b88c96fe8964614978aa25a65dd34fc3c05c664c) Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/recipes-multimedia/libtiff')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: