AVG-400 log

Package ffmpeg
Status Fixed
Severity Medium
Type denial of service
Affected 1:3.3.3-2
Fixed 1:3.3.4-1
Current 2:7.1-2 [extra-testing]
2:7.0.2-3 [extra]
Ticket None
Created Wed Sep 13 15:14:43 2017
Issue Severity Remote Type Description
CVE-2017-14225 Low No Denial of service
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers...
CVE-2017-14223 Low No Denial of service
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption....
CVE-2017-14222 Low No Denial of service
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a...
CVE-2017-14171 Low No Denial of service
In libavformat/nsvdec.c in FFmpeg 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...
CVE-2017-14170 Low No Denial of service
In libavformat/mxfdec.c in FFmpeg 3.3.3, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause huge CPU consumption....
CVE-2017-14169 Low No Denial of service
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which claims a...
CVE-2017-14059 Low No Denial of service
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims...
CVE-2017-14058 Medium Yes Denial of service
In FFmpeg 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to...
CVE-2017-14057 Low No Denial of service
In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted ASF file,...
CVE-2017-14056 Low No Denial of service
In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When...
CVE-2017-14055 Low No Denial of service
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption....
CVE-2017-14054 Low No Denial of service
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a...
Date Advisory Package Type
15 Sep 2017 ASA-201709-10 ffmpeg denial of service