mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-20 08:29:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

ffmpeg: CVE-2025-0518

Browse Source 
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read
Sensitive Constants Within an Executable. This vulnerability is associated with
program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C .
This issue affects FFmpeg: 7.1. Issue was
fixed:  b5b6391d64
b5b6391d64
This issue was discovered by: Simcha Kosman

(From OE-Core rev: 52cbeaa086d2cc0c0aae46deb4193ccb5427ecdc)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Archana Polampalli
2025-02-14 10:49:26 +00:00
committed by Steve Sakoman
parent 0730523542
commit f2a425625c
2 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch Normal file
View File

@@ -0,0 +1,34 @@
From b5b6391d64807578ab872dc58fb8aa621dcfc38a Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Mon, 6 Jan 2025 22:01:39 +0100
Subject: [PATCH 1/4] avfilter/af_pan: Fix sscanf() use
Fixes: Memory Data Leak
Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
CVE: CVE-2025-0518
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/af_pan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
index a8a1896..6f8d2a4 100644
--- a/libavfilter/af_pan.c
+++ b/libavfilter/af_pan.c
@@ -178,7 +178,7 @@ static av_cold int init(AVFilterContext *ctx)
sign = 1;
while (1) {
gain = 1;
- if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
+ if (sscanf(arg, "%lf%n *%n", &gain, &len, &len) >= 1)
arg += len;
if (parse_channel_name(&arg, &in_ch_id, &named)){
av_log(ctx, AV_LOG_ERROR,
--
2.40.0

1
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
View File

@@ -43,6 +43,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://CVE-2024-35366.patch \
file://CVE-2024-35367.patch \
file://CVE-2024-35368.patch \
file://CVE-2025-0518.patch \
"
SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b"