Bug 795696 (CVE-2021-33815, CVE-2021-38171, CVE-2021-38291) - <media-video/ffmpeg-{4.2.7,4.4.1}: multiple vulnerabilities (CVE-2021-{33815,38171,38291})
Status: RESOLVED FIXED
Alias: CVE-2021-33815, CVE-2021-38171, CVE-2021-38291
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://trac.ffmpeg.org/ticket/9312
Whiteboard: A3 [glsa+]
Keywords:
Depends on: 829389 876400
Blocks:
Reported: 2021-06-13 03:53 UTC by Sam James
Modified: 2023-12-23 11:09 UTC

See Also:
Package list:
Runtime testing required: ---


Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-06-13 03:53:39 UTC
Description:
"dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked."

https://github.com/FFmpeg/FFmpeg/commit/26d3c81bc5ef2f8c3f09d45eaeacfb4b1139a777
Comment 6 NATTkA bot gentoo-dev 2021-07-29 18:10:17 UTC
Package list is empty or all packages have requested keywords.
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-08-12 23:38:34 UTC
CVE-2021-38291:

FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from an assertion failure at src/libavutil/mathematics.c.

Unreleased patch: https://github.com/ffmpeg/ffmpeg/commit/e01d306c647b5827102260b885faa223b646d2d1
Comment 8 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-08-26 02:02:48 UTC
CVE-2021-38171:

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.

Patch: https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
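
The unchecked-initializer pattern named in the CVE-2021-38171 description above, as an added C example (not FFmpeg's code and not part of the bug report). `BitReader`, `reader_init`, `get_bits`, `parse_config` and the sample bytes are hypothetical stand-ins, and the failing initializer is assumed to leave the reader empty.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#define ERR_INVALIDDATA (-1) /* hypothetical error code */
/* Simplified stand-ins, not FFmpeg's GetBitContext or its structures. */
typedef struct { const uint8_t *buf; int size_in_bits, index; } BitReader;
typedef struct { int object_type, rate_index, channels; } Config;
/* Constructed sample: 2-byte AAC-LC, 44.1 kHz, stereo configuration. */
static const uint8_t SAMPLE[2] = { 0x12, 0x10 };

/* Can fail: a bad size empties the reader and returns an error. */
static int reader_init(BitReader *r, const uint8_t *buf, int byte_size)
{
    int bad = !buf || byte_size < 0 || byte_size > INT_MAX / 8;
    r->buf = bad ? NULL : buf;
    r->size_in_bits = bad ? 0 : byte_size * 8;
    r->index = 0;
    return bad ? ERR_INVALIDDATA : 0;
}

/* Bounds-checked read of n bits; bits past the end read as 0. */
static int get_bits(BitReader *r, int n)
{
    int v = 0;
    for (; n > 0; n--, r->index++)
        v = (v << 1) | (r->index < r->size_in_bits
            ? (r->buf[r->index >> 3] >> (7 - (r->index & 7))) & 1 : 0);
    return v;
}

/* check_init = 0 is the unchecked pattern, 1 is the hardened form. */
static int parse_config(Config *c, const uint8_t *buf, int size, int check_init)
{
    BitReader r;
    int ret = reader_init(&r, buf, size);
    if (check_init && ret < 0)
        return ret; /* stop before any field is read */
    c->object_type = get_bits(&r, 5);
    c->rate_index  = get_bits(&r, 4);
    c->channels    = get_bits(&r, 4);
    return 0; /* unchecked path: "success" with fields not from input */
}

int main(void)
{
    Config c;
    int u = parse_config(&c, SAMPLE, -1, 0), k = parse_config(&c, SAMPLE, -1, 1);
    printf("unchecked=%d checked=%d\n", u, k);
}
```

With an invalid size, the unchecked path reports success with fields that never came from the input, while the checked path returns the initializer's error and leaves the caller's structure untouched.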
Comment 9 Larry the Git Cow gentoo-dev 2021-10-26 04:35:52 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22ec1c3c5fb7ee32bde1a8a0eed2b884884521bf

commit 22ec1c3c5fb7ee32bde1a8a0eed2b884884521bf
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-10-26 04:33:43 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-10-26 04:34:11 +0000

    media-video/ffmpeg: add 4.4.1
    
    Not yet verified if all the CVEs are fixed.
    
    Bug: https://bugs.gentoo.org/795696
    Signed-off-by: Sam James <sam@gentoo.org>

 media-video/ffmpeg/Manifest            |   1 +
 media-video/ffmpeg/ffmpeg-4.4.1.ebuild | 555 +++++++++++++++++++++++++++++++++
 2 files changed, 556 insertions(+)
Comment 10 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-20 20:29:30 UTC
Please cleanup.
Comment 11 Larry the Git Cow gentoo-dev 2022-09-03 05:27:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31baf58256ca04e305510ce86df9f6d83948f853

commit 31baf58256ca04e305510ce86df9f6d83948f853
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-09-03 05:24:50 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-09-03 05:25:22 +0000

    media-video/ffmpeg: add 4.2.7
    
    Fixes a bunch of CVEs that we've had fixed in newer versions
    for a while, but until we can clean up 4.2.x, we may as well
    bump to the latest in that series...
    
    Bug: https://bugs.gentoo.org/842267
    Bug: https://bugs.gentoo.org/795696
    Bug: https://bugs.gentoo.org/781146
    Signed-off-by: Sam James <sam@gentoo.org>

 media-video/ffmpeg/Manifest                        |   1 +
 media-video/ffmpeg/ffmpeg-4.2.7.ebuild             | 556 +++++++++++++++++++++
 .../ffmpeg-4.2.7-libsdl2-new-version-scheme.patch  |  26 +
 3 files changed, 583 insertions(+)
Comment 12 Larry the Git Cow gentoo-dev 2022-10-10 15:32:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fff3d30f49f081c89ab5d0154509d32550ae1a9c

commit fff3d30f49f081c89ab5d0154509d32550ae1a9c
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-10-10 15:26:17 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-10 15:31:58 +0000

    media-video/ffmpeg: drop 4.2.4-r2
    
    Bug: https://bugs.gentoo.org/847267
    Bug: https://bugs.gentoo.org/795696
    Bug: https://bugs.gentoo.org/781146
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 media-video/ffmpeg/Manifest               |   1 -
 media-video/ffmpeg/ffmpeg-4.2.4-r2.ebuild | 555 ------------------------------
 2 files changed, 556 deletions(-)
Comment 13 Larry the Git Cow gentoo-dev 2023-12-23 11:07:37 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=054115a94fa38350f4468052ec239cbacb5b8e26

commit 054115a94fa38350f4468052ec239cbacb5b8e26
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-12-23 11:07:01 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-12-23 11:07:29 +0000

    [ GLSA 202312-14 ] FFmpeg: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/795696
    Bug: https://bugs.gentoo.org/842267
    Bug: https://bugs.gentoo.org/881523
    Bug: https://bugs.gentoo.org/903805
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202312-14.xml | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)