SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2803

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2803

Security update for ffmpeg-4

Type: security

Severity: moderate

Issued: 2024-08-07

Description:

This update for ffmpeg-4 fixes the following issues:

- CVE-2024-32230: Fixed buffer overflow due to negative-size-param bug in load_input_picture() (bsc#1227296).
- CVE-2023-51798: Fixed floating point exception in the via the interpolate function in libavfilter/vf_minterpolate.c (bsc#1223304).

References

CVE: CVE-2024-32230
CVE: CVE-2023-51798
Bugzilla: 1227296 VUL-0: CVE-2024-32230: ffmpeg,ffmpeg-4: buffer overflow due to negative-size-param bug at libavcodec/mpegvideo_enc.c in load_input_picture
Bugzilla: 1223304 VUL-0: CVE-2023-51798: ffmpeg,ffmpeg-4: floating point exception(FPE) via the interpolate function in libavfilter/vf_minterpolate.c

Packages

ffmpeg-4-4.4-150400.3.37.1