mirror of
https://git.yoctoproject.org/poky
synced 2026-02-10 10:43:02 +01:00
813d4715e4
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). (From OE-Core rev: 392f984ffd95bcd3ce4c364b40425e7808ca7719) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>