AVG-1989 log

FFmpeg before version 4.4.1 suffers from a an assertion failure at src/libavutil/mathematics.c.

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg before version 4.4.1 does not check the init_get_bits return value, which is a necessary step...

libavcodec/dnxhddec.c in FFmpeg before version 4.4.1 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

dwa_uncompress in libavcodec/exr.c in FFmpeg before version 4.4.1 allows an out-of-bounds array access because dc_count is not strictly checked.

A denial of service vulnerability exists in FFmpeg before version 4.4.1 due to a memory leak in avcodec_alloc_context3 at options.c.

A heap-based buffer overflow vulnerability exists in FFmpeg before version 4.4.1 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a...

A buffer overflow vulnerability in FFmpeg before version 4.4.1 at filter_edges function in libavfilter/vf_yadif.c could let a remote malicious user cause a...

A buffer overflow vulnerability in FFmpeg before version 4.4.1 at convolution_y_10bit in libavfilter/vf_vmafmotion.c could let a remote malicious user cause...

A buffer overflow vulnerability in FFmpeg before version 4.4.1 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c could let a remote...

FFmpeg before version 4.4.1 is affected by a divide by zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a denial of service.

FFmpeg before version 4.4.1 is affected by a divide by zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a denial of service.

FFmpeg before version 4.4.1 is affected by a divide by zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a denial of service.