Bug 2276114 (CVE-2023-49501, CVE-2023-49502, CVE-2023-51791, CVE-2023-51792, CVE-2023-51793)

Summary: CVE-2023-49501 CVE-2023-49502 CVE-2023-51791 CVE-2023-51792 CVE-2023-51793 ffmpeg: multiple vulnerabilities
Product: [Other] Security Response
Reporter: Robb Gatica <rgatica>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
Bug Depends On: 2276117, 2276115, 2276116, 2276118, 2276119

Description Robb Gatica 2024-04-19 18:57:24 UTC
CVE-2023-49501:
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.

https://github.com/FFmpeg/FFmpeg
https://trac.ffmpeg.org/ticket/10686
https://trac.ffmpeg.org/ticket/10686#no1

---

CVE-2023-49502:
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

https://github.com/FFmpeg/FFmpeg
https://trac.ffmpeg.org/ticket/10688

---

CVE-2023-51791:
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.

https://ffmpeg.org/
https://trac.ffmpeg.org/ticket/10738

---

CVE-2023-51792:
Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.

https://github.com/strukturag/libde265
https://github.com/strukturag/libde265/issues/427

---

CVE-2023-51793:
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

https://ffmpeg.org/
https://trac.ffmpeg.org/ticket/10743

Comment 1 Robb Gatica 2024-04-19 18:59:52 UTC
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 2276116]


Created ffmpeg tracking bugs for this issue:

Affects: fedora-all [bug 2276115]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2276117]
Affects: fedora-all [bug 2276118]


Created qt6-qtwebengine tracking bugs for this issue:

Affects: fedora-all [bug 2276119]