Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6803-1

Ubuntu Security Notice 6803-1 - Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.

Packet Storm
#vulnerability#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-6803-1May 30, 2024ffmpeg vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTS- Ubuntu 23.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS- Ubuntu 16.04 LTSSummary:FFmpeg could be made to crash or run programs as your login if itopened a specially crafted file.Software Description:- ffmpeg: Tools for transcoding, streaming and playing of multimedia filesDetails:Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handledcertain input files. An attacker could possibly use this issue to causeFFmpeg to crash, resulting in a denial of service, or potential arbitrarycode execution. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-49501)Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handledcertain input files. An attacker could possibly use this issue to causeFFmpeg to crash, resulting in a denial of service, or potential arbitrarycode execution. This issue only affected Ubuntu 18.04 LTS,Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS.(CVE-2023-49502)Zhang Ling and Zeng Yunxiang discovered that FFmpeg incorrectly handledcertain input files. An attacker could possibly use this issue to causeFFmpeg to crash, resulting in a denial of service, or potential arbitrarycode execution. This issue only affected Ubuntu 23.10 andUbuntu 24.04 LTS. (CVE-2023-49528)Zeng Yunxiang discovered that FFmpeg incorrectly handled certain inputfiles. An attacker could possibly use this issue to cause FFmpeg to crash,resulting in a denial of service, or potential arbitrary code execution.This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS.(CVE-2023-50007)Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handledcertain input files. An attacker could possibly use this issue to causeFFmpeg to crash, resulting in a denial of service, or potential arbitrarycode execution. This issue only affected Ubuntu 23.10 andUbuntu 24.04 LTS. (CVE-2023-50008)Zeng Yunxiang discovered that FFmpeg incorrectly handled certain inputfiles. An attacker could possibly use this issue to cause FFmpeg to crash,resulting in a denial of service, or potential arbitrary code execution.This issue only affected Ubuntu 23.10. (CVE-2023-50009)Zeng Yunxiang discovered that FFmpeg incorrectly handled certain inputfiles. An attacker could possibly use this issue to cause FFmpeg to crash,resulting in a denial of service, or potential arbitrary code execution.This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-50010)Zeng Yunxiang and Li Zeyuan discovered that FFmpeg incorrectly handledcertain input files. An attacker could possibly use this issue to causeFFmpeg to crash, resulting in a denial of service, or potential arbitrarycode execution. This issue only affected Ubuntu 23.10 andUbuntu 24.04 LTS. (CVE-2023-51793)Zeng Yunxiang discovered that FFmpeg incorrectly handled certain inputfiles. An attacker could possibly use this issue to cause FFmpeg to crash,resulting in a denial of service, or potential arbitrary code execution.This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-51794, CVE-2023-51798)Zeng Yunxiang discovered that FFmpeg incorrectly handled certain inputfiles. An attacker could possibly use this issue to cause FFmpeg to crash,resulting in a denial of service, or potential arbitrary code execution.This issue only affected Ubuntu 23.10. (CVE-2023-51795, CVE-2023-51796)It was discovered that discovered that FFmpeg incorrectly handled certaininput files. An attacker could possibly use this issue to cause FFmpeg tocrash, resulting in a denial of service, or potential arbitrary codeexecution. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. (CVE-2024-31578)It was discovered that discovered that FFmpeg incorrectly handled certaininput files. An attacker could possibly use this issue to cause FFmpeg tocrash, resulting in a denial of service, or potential arbitrary codeexecution. This issue only affected Ubuntu 23.10 and Ubuntu 24.04 LTS.(CVE-2024-31582)It was discovered that discovered that FFmpeg incorrectly handled certaininput files. An attacker could possibly use this issue to cause FFmpeg tocrash, resulting in a denial of service, or potential arbitrary codeexecution. This issue only affected Ubuntu 23.10. (CVE-2024-31585)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS   ffmpeg                          7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavcodec-extra60              7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavcodec60                    7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavdevice60                   7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavfilter-extra9              7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavfilter9                    7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavformat-extra60             7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavformat60                   7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libavutil58                     7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libpostproc57                   7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libswresample4                  7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu Pro   libswscale7                     7:6.1.1-3ubuntu5+esm1                                   Available with Ubuntu ProUbuntu 23.10   ffmpeg                          7:6.0-6ubuntu1.1   libavcodec-extra60              7:6.0-6ubuntu1.1   libavcodec60                    7:6.0-6ubuntu1.1   libavdevice60                   7:6.0-6ubuntu1.1   libavfilter-extra9              7:6.0-6ubuntu1.1   libavfilter9                    7:6.0-6ubuntu1.1   libavformat-extra60             7:6.0-6ubuntu1.1   libavformat60                   7:6.0-6ubuntu1.1   libavutil58                     7:6.0-6ubuntu1.1   libpostproc57                   7:6.0-6ubuntu1.1   libswresample4                  7:6.0-6ubuntu1.1   libswscale7                     7:6.0-6ubuntu1.1Ubuntu 22.04 LTS   ffmpeg                          7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavcodec-extra58              7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavcodec58                    7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavdevice58                   7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavfilter-extra7              7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavfilter7                    7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavformat-extra               7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavformat-extra58             7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavformat58                   7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libavutil56                     7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libpostproc55                   7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libswresample3                  7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu Pro   libswscale5                     7:4.4.2-0ubuntu0.22.04.1+esm4                                   Available with Ubuntu ProUbuntu 20.04 LTS   ffmpeg                          7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavcodec-extra58              7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavcodec58                    7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavdevice58                   7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavfilter-extra7              7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavfilter7                    7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavformat58                   7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavresample4                  7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavutil56                     7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libpostproc55                   7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libswresample3                  7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libswscale5                     7:4.2.7-0ubuntu0.1+esm5                                   Available with Ubuntu ProUbuntu 18.04 LTS   ffmpeg                          7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavcodec-extra57              7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavcodec57                    7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavdevice57                   7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavfilter-extra6              7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavfilter6                    7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavformat57                   7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavresample3                  7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libavutil55                     7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libpostproc54                   7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libswresample2                  7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu Pro   libswscale4                     7:3.4.11-0ubuntu0.1+esm5                                   Available with Ubuntu ProUbuntu 16.04 LTS   ffmpeg                          7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavcodec-ffmpeg-extra56       7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavcodec-ffmpeg56             7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavdevice-ffmpeg56            7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavfilter-ffmpeg5             7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavformat-ffmpeg56            7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavresample-ffmpeg2           7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libavutil-ffmpeg54              7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libpostproc-ffmpeg53            7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libswresample-ffmpeg1           7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu Pro   libswscale-ffmpeg3              7:2.8.17-0ubuntu0.1+esm7                                   Available with Ubuntu ProIn general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6803-1   CVE-2023-49501, CVE-2023-49502, CVE-2023-49528, CVE-2023-50007,   CVE-2023-50008, CVE-2023-50009, CVE-2023-50010, CVE-2023-51793,   CVE-2023-51794, CVE-2023-51795, CVE-2023-51796, CVE-2023-51798,   CVE-2024-31578, CVE-2024-31582, CVE-2024-31585Package Information:   https://launchpad.net/ubuntu/+source/ffmpeg/7:6.0-6ubuntu1.1

Related news

Debian Security Advisory 5721-1

Debian Linux Security Advisory 5721-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Debian Security Advisory 5712-1

Debian Linux Security Advisory 5712-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution