CVE-2017-16840

Published: Nov 21, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a94cb36ab2ad99d3a1331c9f91831ef593d94f74

x_refsource_MISC

101924

vdb-entry

x_refsource_BID

DSA-4049

vendor-advisory

x_refsource_DEBIAN

https://github.com/FFmpeg/FFmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-16840

Description

Affected Products

References