user/ffmpeg: multiple vulnerabilities
| Bugzilla ID | 331 |
| Alias(es) | CVE-2020-13904, CVE-2020-14212 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-07-09 14:16:44 -0500 |
| Modified | 2020-07-29 16:30:59 -0500 |
| Status | IN_PROGRESS |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/ffmpeg |
Description
CVE-2020-13904: https://nvd.nist.gov/vuln/detail/CVE-2020-13904
FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an
m3u8 file because parse_playlist in libavformat/hls.c frees a pointer,
and later that pointer is accessed in av_probe_input_format3 in
libavformat/format.c.
Unreleased fix https://github.com/FFmpeg/FFmpeg/commit/9dfb19baeb86a8bb02c53a441682c6e9a6e104cc