CVE-2017-14058

Published: Aug 31, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

100629

vdb-entry

x_refsource_BID

https://github.com/FFmpeg/FFmpeg/commit/7ec414892ddcad88313848494b6fc5f437c9ca4a

x_refsource_CONFIRM

DSA-3996

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20190330 [SECURITY] [DLA 1740-1] libav security update

mailing-list

x_refsource_MLIST

https://github.com/FFmpeg/FFmpeg/commit/7ba100d3e6e8b1e5d5342feb960a7f081d6e15af

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-14058

Description

Affected Products

References