Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113 https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7
Created chromium tracking bugs for this issue: Affects: epel-all [bug 2260701] Created ffmpeg tracking bugs for this issue: Affects: fedora-all [bug 2260698] Created qt5-qtwebengine tracking bugs for this issue: Affects: epel-all [bug 2260702] Affects: fedora-all [bug 2260699] Created qt6-qtwebengine tracking bugs for this issue: Affects: fedora-all [bug 2260700]
Similar to CVE-2023-46407, this does not affect 6.0.x and earlier and is fixed in 6.1.1.