USN-6430-1: FFmpeg vulnerabilities
Severity
Medium
Vendor
VMware Tanzu
Versions Affected
- Canonical Ubuntu 18.04
Description
It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22024) It was discovered that FFmpeg incorrectly managed memory in avienc.c, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22039) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in frame.c. An attacker could possibly use this issue to cause a denial of service via application crash. This issue affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22040) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in fifo.c. An attacker could possibly use this issue to cause a denial of service via application crash. (CVE-2020-22043) It was discovered that FFmpeg incorrectly handled certain files due to a memory leak in vf_tile.c. If a user or automated system were tricked into processing a specially crafted MOV file, an attacker could possibly use this issue to cause a denial of service. (CVE-2020-22051) It was discovered that FFmpeg incorrectly handled certain MOV files in timecode.c, leading to an integer overflow. An attacker could possibly use this issue to cause a denial of service using a crafted MOV file. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-28429) Update Instructions: Run `sudo pro fix USN-6430-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: libavresample-dev - 7:2.8.17-0ubuntu0.1+esm6 libswresample-ffmpeg1 - 7:2.8.17-0ubuntu0.1+esm6 libavresample-ffmpeg2 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-extra - 7:2.8.17-0ubuntu0.1+esm6 libswscale-ffmpeg3 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-dev - 7:2.8.17-0ubuntu0.1+esm6 libavutil-dev - 7:2.8.17-0ubuntu0.1+esm6 libavfilter-ffmpeg5 - 7:2.8.17-0ubuntu0.1+esm6 libpostproc-ffmpeg53 - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 libswscale-dev - 7:2.8.17-0ubuntu0.1+esm6 libavformat-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 libswresample-dev - 7:2.8.17-0ubuntu0.1+esm6 libavdevice-dev - 7:2.8.17-0ubuntu0.1+esm6 libavcodec-ffmpeg-extra56 - 7:2.8.17-0ubuntu0.1+esm6 libavfilter-dev - 7:2.8.17-0ubuntu0.1+esm6 libpostproc-dev - 7:2.8.17-0ubuntu0.1+esm6 libavformat-dev - 7:2.8.17-0ubuntu0.1+esm6 ffmpeg - 7:2.8.17-0ubuntu0.1+esm6 libavutil-ffmpeg54 - 7:2.8.17-0ubuntu0.1+esm6 ffmpeg-doc - 7:2.8.17-0ubuntu0.1+esm6 libav-tools - 7:2.8.17-0ubuntu0.1+esm6 libavdevice-ffmpeg56 - 7:2.8.17-0ubuntu0.1+esm6 Available with Ubuntu Pro: https://ubuntu.com/pro
CVEs contained in this USN include: CVE-2020-22040, CVE-2020-22024, CVE-2020-22039, CVE-2020-22043, CVE-2020-22051, CVE-2021-28429
Affected VMware Products and Versions
Severity is medium unless otherwise noted.
-
Isolation Segment
- 2.11.x versions prior to 2.11.42
- 2.13.x versions prior to 2.13.27
- 3.0.x versions prior to 3.0.20
- 4.0.x versions prior to 4.0.12+LTS-T
-
VMware Tanzu Application Service for VMs
- 2.11.x versions prior to 2.11.48
- 2.13.x versions prior to 2.13.30
- 3.0.x versions prior to 3.0.20
- 4.0.x versions prior to 4.0.12+LTS-T
Mitigation
Users of affected products are strongly encouraged to follow the mitigation below. On the Tanzu Network product page for each release, check the Depends On section and/or Release Notes for this information. Releases that have fixed this issue include:
-
Isolation Segment
- 2.11.42
- 2.13.27
- 3.0.20
- 4.0.12+LTS-T
-
VMware Tanzu Application Service for VMs
- 2.11.48
- 2.13.30
- 3.0.20
- 4.0.12+LTS-T
References
- https://ubuntu.com/security/CVE-2020-22040
- https://ubuntu.com/security/CVE-2020-22024
- https://ubuntu.com/security/CVE-2020-22039
- https://ubuntu.com/security/CVE-2020-22043
- https://ubuntu.com/security/CVE-2020-22051
- https://ubuntu.com/security/CVE-2021-28429
- https://ubuntu.com/security/notices/USN-6430-1
- https://cloudfoundry.org/blog/usn-6430-1
History
2023-12-04: Initial vulnerability report published.