Skip to content
Commit c1f1ab29 authored by Narpat Mali's avatar Narpat Mali Committed by Steve Sakoman
Browse files

ffmpeg: fix for CVE-2022-3965 

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function
smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The
manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely.
The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to
fix this issue. The identifier of this vulnerability is VDB-213544.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-3965

Upstream Fix:
https://github.com/FFmpeg/FFmpeg/commit/13c13109759090b7f7182480d075e13b36ed8edd



Signed-off-by: default avatarNarpat Mali <narpat.mali@windriver.com>
Signed-off-by: default avatarSteve Sakoman <steve@sakoman.com>
parent 40a1c9d3
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment