CVE-2015-8217
Publication date 17 November 2015
Last updated 24 July 2024
Ubuntu priority
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data.
Status
Package | Ubuntu Release | Status |
---|---|---|
ffmpeg | 18.04 LTS bionic |
Not affected
|
16.04 LTS xenial |
Not affected
|
|
14.04 LTS trusty | Not in release | |
libav | 18.04 LTS bionic | Not in release |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty |
Not affected
|
|
Patch details
Package | Patch details |
---|---|
ffmpeg |