Bug 2274693 (CVE-2023-49528) - CVE-2023-49528 FFmpeg: Heap Buffer Overflow vulnerability
Summary: CVE-2023-49528 FFmpeg: Heap Buffer Overflow vulnerability
Keywords:
Status: NEW
Alias: CVE-2023-49528
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2274694 2274696 2274697 2274698 2274695
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-04-12 09:17 UTC by Avinash Hanwate
Modified: 2024-04-12 09:19 UTC (History)
0 users

Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in the FFmpeg package. Affected versions of this package allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Avinash Hanwate 2024-04-12 09:17:47 UTC 
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.

https://trac.ffmpeg.org/ticket/10691
Comment 1 Avinash Hanwate 2024-04-12 09:19:17 UTC 
Created chromium tracking bugs for this issue:

Affects: epel-all [bug 2274695]


Created ffmpeg tracking bugs for this issue:

Affects: fedora-all [bug 2274694]


Created qt5-qtwebengine tracking bugs for this issue:

Affects: epel-all [bug 2274696]
Affects: fedora-all [bug 2274697]


Created qt6-qtwebengine tracking bugs for this issue:

Affects: fedora-all [bug 2274698]
Note You need to log in before you can comment on or make changes to this bug.