All Vulnerability Reports

USN-6430-1: FFmpeg vulnerabilities


Severity

Medium

Vendor

VMware Tanzu

Versions Affected

  • Canonical Ubuntu 18.04

Description

It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22024) It was discovered that FFmpeg incorrectly managed memory in avienc.c, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22039) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in frame.c. An attacker could possibly use this issue to cause a denial of service via application crash. This issue affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22040) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in fifo.c. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22043) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in vf_tile.c. If a user or automated system were tricked into processing a specially crafted MOV file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22051) It was discovered that FFmpeg incorrectly handled certain MOV files in timecode.c, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service using a crafted MOV file. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-28429) Update Instructions: Run `sudo pro fix USN-6430-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:2.8.17-0ubuntu0.1+esm6 libswresample-ffmpeg1 - 7:2.8.17-0ubuntu0.1+esm6 libavresample-ffmpeg2 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-extra - 7:2.8.17-0ubuntu0.1+esm6 libswscale-ffmpeg3 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-dev - 7:2.8.17-0ubuntu0.1+esm6 libavutil-dev - 7:2.8.17-0ubuntu0.1+esm6 libavfilter-ffmpeg5 - 7:2.8.17-0ubuntu0.1+esm6 libpostproc-ffmpeg53 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 libswscale-dev - 7:2.8.17-0ubuntu0.1+esm6 libavformat-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 libswresample-dev - 7:2.8.17-0ubuntu0.1+esm6 libavdevice-dev - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-ffmpeg-extra56 - 7:2.8.17-0ubuntu0.1+esm6 libavfilter-dev - 7:2.8.17-0ubuntu0.1+esm6 libpostproc-dev - 7:2.8.17-0ubuntu0.1+esm6 libavformat-dev - 7:2.8.17-0ubuntu0.1+esm6 ffmpeg - 7:2.8.17-0ubuntu0.1+esm6 libavutil-ffmpeg54 - 7:2.8.17-0ubuntu0.1+esm6 ffmpeg-doc - 7:2.8.17-0ubuntu0.1+esm6 libav-tools - 7:2.8.17-0ubuntu0.1+esm6 libavdevice-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 Available with Ubuntu Pro: https://ubuntu.com/pro

CVEs contained in this USN include: CVE-2020-22040, CVE-2020-22024, CVE-2020-22039, CVE-2020-22043, CVE-2020-22051, CVE-2021-28429

Affected VMware Products and Versions

Severity is medium unless otherwise noted.

  • Isolation Segment
    • 2.11.x versions prior to 2.11.42
    • 2.13.x versions prior to 2.13.27
    • 3.0.x versions prior to 3.0.20
    • 4.0.x versions prior to 4.0.12+LTS-T
  • VMware Tanzu Application Service for VMs
    • 2.11.x versions prior to 2.11.48
    • 2.13.x versions prior to 2.13.30
    • 3.0.x versions prior to 3.0.20
    • 4.0.x versions prior to 4.0.12+LTS-T

Mitigation

Users of affected products are strongly encouraged to follow the mitigation below. On the Tanzu Network product page for each release, check the Depends On section and/or Release Notes for this information. Releases that have fixed this issue include:

  • Isolation Segment
    • 2.11.42
    • 2.13.27
    • 3.0.20
    • 4.0.12+LTS-T
  • VMware Tanzu Application Service for VMs
    • 2.11.48
    • 2.13.30
    • 3.0.20
    • 4.0.12+LTS-T

References

History

2023-12-04: Initial vulnerability report published.