Launchpad CVE tracker

CVE 2016-7502

The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode.

Related bugs and status

CVE-2016-7502 (Candidate) is related to these bugs:

Bug #1635443: Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1635443	Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)		ffmpeg (Ubuntu)	Wishlist	Fix Released

Bug #1647226: FFmpeg security fixes December 2016 (xenial)

Summary				In	Importance	Status
	1647226	FFmpeg security fixes December 2016 (xenial)		ffmpeg (Ubuntu Xenial)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016100...
BID: 94834
GENTOO: GLSA-201701-71

Launchpad.net

CVE 2016-7502

Related bugs and status

Related bugs

References