VDB

GCVE-110-MAGEIA-2024-283

GCVE-110-MAGEIA-2024-283
Advisory Published
Vulnetix · Advisory published September 9, 2024
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. (CVE-2024-7055) A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. (CVE-2024-7272)

Affected Products

VendorProductVersionsPlatforms
Mageiaffmpeg5.1.6-1.mga9 (unaffected), 5.1.6-1.mga9.tainted (unaffected), 0 (affected), 0 (affected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›