Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-15822

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

Related bugs and status

CVE-2018-15822 (Candidate) is related to these bugs:

Bug #1810571: Update to ffmpeg 3.4.6 in Bionic

Summary				In	Importance	Status
	1810571	Update to ffmpeg 3.4.6 in Bionic		ffmpeg (Ubuntu)	Undecided	Confirmed

Bug #1823786: [SRU] ffmpeg 3.4.6 for bionic

Summary				In	Importance	Status
	1823786	[SRU] ffmpeg 3.4.6 for bionic		ffmpeg (Ubuntu)	Low	Fix Released
	1823786	[SRU] ffmpeg 3.4.6 for bionic		ffmpeg (Ubuntu Bionic)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/FFm...
BUGTRAQ: 20190523 [SECURITY] [D...
DEBIAN: DSA-4449
MLIST: [debian-lts-announce] ...
UBUNTU: USN-3967-1
UBUNTU: USN-4431-1
CONFIRM: https://github.com/FFm...