SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1450

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1450

Security update for ffmpeg

Type: security

Severity: important

Issued: 2025-05-05

Description:

This update for ffmpeg fixes the following issues:

- CVE-2025-22921: Clear array length when freeing it. (bsc#1237382)
- CVE-2025-0518: Fix memory data leak when use sscanf(). (bsc#1236007)
- CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate >= 0. (bsc#1237371)
- CVE-2024-12361: Add check for av_packet_new_side_data() to avoid null pointer dereference if allocation fails. (bsc#1237358)
- CVE-2024-36613: Adjust order of operations around block align. (bsc#1235092)
- CVE-2024-35365: Fix double-free on error. (bsc#1235091)
- CVE-2024-35368: Fix double-free on the AVFrame is unreferenced. (bsc#1234028)
- CVE-2023-51793: Fix out of array access. (bsc#1223272).
- CVE-2023-51793: Fixed a heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272).

References

Packages

ffmpeg-3.4.2-150200.11.60.1