CVE-2021-30123 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Arbitrary code execution
Description	FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1786	ffmpeg	2:4.3.2-6		Medium	Not affected

References
https://trac.ffmpeg.org/ticket/8845 https://trac.ffmpeg.org/ticket/8863 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f

References

https://trac.ffmpeg.org/ticket/8845
https://trac.ffmpeg.org/ticket/8863
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f

Notes
The vulnerable code was introduced on the master branch in commit 9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468 and is not present on the 4.3 release branch that Arch Linux currently ships.