AVG-2403 log

Package faad2
Status Fixed
Severity Medium
Type multiple issues
Affected 2.9.2-1
Fixed 2.10.0-1
Current 2.10.0-1 [extra]
Ticket None
Created Tue Sep 21 08:59:06 2021
Issue Severity Remote Type Description
CVE-2021-32278 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function lt_prediction located in lt_predict.c. It allows an...
CVE-2021-32277 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows...
CVE-2021-32276 Low Yes Denial of service
An issue was discovered in faad2 before version 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an...
CVE-2021-32274 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows...
CVE-2021-32273 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A stack- buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker...
CVE-2021-32272 Medium Yes Arbitrary code execution
An issue was discovered in faad2 before version 2.10.0. A heap-buffer- overflow exists in the function stszin located in mp4read.c. It allows an attacker to...