SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2864

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2864

Security update for ffmpeg-4

Type: security

Severity: moderate

Issued: 2024-08-09

Description:

This update for ffmpeg-4 fixes the following issues:

- CVE-2024-32230: Fixed buffer overflow due to negative-size-param bug in load_input_picture() (bsc#1227296).
- CVE-2023-51798: Fixed buffer overflow via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c (bsc#1223304).

References

CVE: CVE-2024-32230
CVE: CVE-2023-51798
Bugzilla: 1227296 VUL-0: CVE-2024-32230: ffmpeg,ffmpeg-4: buffer overflow due to negative-size-param bug at libavcodec/mpegvideo_enc.c in load_input_picture
Bugzilla: 1223304 VUL-0: CVE-2023-51798: ffmpeg,ffmpeg-4: floating point exception(FPE) via the interpolate function in libavfilter/vf_minterpolate.c

Packages

ffmpeg-4-4.4-150600.13.10.1