Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-14169

In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided. As a result, the variable "item_num" turns negative, bypassing the check for a large value.

Related bugs and status

CVE-2017-14169 (Candidate) is related to these bugs:

Bug #1697785: Update to 2.8.14 in Xenial

Summary				In	Importance	Status
	1697785	Update to 2.8.14 in Xenial		ffmpeg (Ubuntu)	Undecided	Invalid
	1697785	Update to 2.8.14 in Xenial		ffmpeg (Ubuntu Xenial)	Undecided	Fix Released

Bug #1721249: ffmpeg artful update to 3.3.4

Summary				In	Importance	Status
	1721249	ffmpeg artful update to 3.3.4		ffmpeg (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://github.com/FFm...
BID: 100692
DEBIAN: DSA-3996
MLIST: [debian-lts-announce] ...
CONFIRM: https://github.com/FFm...