Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-7272 (GCVE-0-2024-7272)
Vulnerability from cvelistv5 – Published: 2024-08-08 20:24 – Updated: 2024-08-09 17:22
VLAI?
EPSS
Title
FFmpeg swresample.c fill_audiodata heap-based overflow
Summary
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.
Severity ?
6.3 (Medium)
6.3 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ffmpeg",
"vendor": "ffmpeg",
"versions": [
{
"lessThanOrEqual": "5.1.5",
"status": "affected",
"version": "5.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7272",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T15:01:45.961533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T17:22:37.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FFmpeg",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.1.0"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in FFmpeg bis 5.1.5 gefunden. Es betrifft die Funktion fill_audiodata der Datei /libswresample/swresample.c. Dank Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T20:24:10.987Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-273945 | FFmpeg swresample.c fill_audiodata heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.273945"
},
{
"name": "VDB-273945 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.273945"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6"
},
{
"tags": [
"product"
],
"url": "https://ffmpeg.org/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-30T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2024-08-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-08-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-08-08T18:00:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "FFmpeg swresample.c fill_audiodata heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-7272",
"datePublished": "2024-08-08T20:24:10.987Z",
"dateReserved": "2024-07-30T13:19:16.095Z",
"dateUpdated": "2024-08-09T17:22:37.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-7272\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2024-08-12T13:38:40.850\",\"lastModified\":\"2024-08-13T15:16:23.837\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad fue encontrada en FFmpeg hasta 5.1.5 y clasificada como cr\u00edtica. Esto afecta a la funci\u00f3n fill_audiodata del archivo /libswresample/swresample.c. La manipulaci\u00f3n conduce a un desbordamiento del b\u00fafer basado en el mont\u00f3n. Es posible iniciar el ataque de forma remota. Este problema fue solucionado en la versi\u00f3n 6.0 por 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 pero se olvid\u00f3 un backport para 5.1. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a las versiones 5.1.6 y 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 puede solucionar este problema. Se recomienda actualizar el componente afectado.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.1.6\",\"matchCriteriaId\":\"FCB80EE7-6F12-4A81-93BD-EF05F94AC15B\"}]}]}],\"references\":[{\"url\":\"https://ffmpeg.org/\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://vuldb.com/?ctiid.273945\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.273945\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7272\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-09T15:01:45.961533Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*\"], \"vendor\": \"ffmpeg\", \"product\": \"ffmpeg\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.1.5\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-09T17:22:28.611Z\"}}], \"cna\": {\"title\": \"FFmpeg swresample.c fill_audiodata heap-based overflow\", \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.9, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 7.5, \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"FFmpeg\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.0\"}, {\"status\": \"affected\", \"version\": \"5.1.1\"}, {\"status\": \"affected\", \"version\": \"5.1.2\"}, {\"status\": \"affected\", \"version\": \"5.1.3\"}, {\"status\": \"affected\", \"version\": \"5.1.4\"}, {\"status\": \"affected\", \"version\": \"5.1.5\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-07-30T00:00:00.000Z\", \"value\": \"CVE reserved\"}, {\"lang\": \"en\", \"time\": \"2024-08-08T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2024-08-08T02:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2024-08-08T18:00:30.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.273945\", \"name\": \"VDB-273945 | FFmpeg swresample.c fill_audiodata heap-based overflow\", \"tags\": [\"vdb-entry\", \"technical-description\"]}, {\"url\": \"https://vuldb.com/?ctiid.273945\", \"name\": \"VDB-273945 | CTI Indicators (IOB, IOC, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5\", \"tags\": [\"exploit\"]}, {\"url\": \"https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6\", \"tags\": [\"exploit\"]}, {\"url\": \"https://ffmpeg.org/\", \"tags\": [\"product\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.\"}, {\"lang\": \"de\", \"value\": \"Es wurde eine kritische Schwachstelle in FFmpeg bis 5.1.5 gefunden. Es betrifft die Funktion fill_audiodata der Datei /libswresample/swresample.c. Dank Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \\u00fcber das Netzwerk erfolgen. Der Exploit steht zur \\u00f6ffentlichen Verf\\u00fcgung. Ein Aktualisieren auf die Version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 vermag dieses Problem zu l\\u00f6sen. Als bestm\\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122 Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2024-08-08T20:24:10.987Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-7272\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-09T17:22:37.764Z\", \"dateReserved\": \"2024-07-30T13:19:16.095Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2024-08-08T20:24:10.987Z\", \"assignerShortName\": \"VulDB\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2024-7272
Vulnerability from fkie_nvd - Published: 2024-08-12 13:38 - Updated: 2024-08-13 15:16
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://ffmpeg.org/ | Product | |
| cna@vuldb.com | https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5 | Exploit | |
| cna@vuldb.com | https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6 | Not Applicable | |
| cna@vuldb.com | https://vuldb.com/?ctiid.273945 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.273945 | Permissions Required, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCB80EE7-6F12-4A81-93BD-EF05F94AC15B",
"versionEndExcluding": "5.1.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en FFmpeg hasta 5.1.5 y clasificada como cr\u00edtica. Esto afecta a la funci\u00f3n fill_audiodata del archivo /libswresample/swresample.c. La manipulaci\u00f3n conduce a un desbordamiento del b\u00fafer basado en el mont\u00f3n. Es posible iniciar el ataque de forma remota. Este problema fue solucionado en la versi\u00f3n 6.0 por 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 pero se olvid\u00f3 un backport para 5.1. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a las versiones 5.1.6 y 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 puede solucionar este problema. Se recomienda actualizar el componente afectado."
}
],
"id": "CVE-2024-7272",
"lastModified": "2024-08-13T15:16:23.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2024-08-12T13:38:40.850",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Product"
],
"url": "https://ffmpeg.org/"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit"
],
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5"
},
{
"source": "cna@vuldb.com",
"tags": [
"Not Applicable"
],
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.273945"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?id.273945"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
OPENSUSE-SU-2024:14290-1
Vulnerability from csaf_opensuse - Published: 2024-08-27 00:00 - Updated: 2024-08-27 00:00Summary
ffmpeg-5-5.1.4-11.1 on GA media
Severity
Moderate
Notes
Title of the patch: ffmpeg-5-5.1.4-11.1 on GA media
Description of the patch: These are all security issues fixed in the ffmpeg-5-5.1.4-11.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14290
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ffmpeg-5-5.1.4-11.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ffmpeg-5-5.1.4-11.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14290",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14290-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-7272 page",
"url": "https://www.suse.com/security/cve/CVE-2024-7272/"
}
],
"title": "ffmpeg-5-5.1.4-11.1 on GA media",
"tracking": {
"current_release_date": "2024-08-27T00:00:00Z",
"generator": {
"date": "2024-08-27T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14290-1",
"initial_release_date": "2024-08-27T00:00:00Z",
"revision_history": [
{
"date": "2024-08-27T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ffmpeg-5-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"product": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"product_id": "ffmpeg-5-private-devel-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavcodec59-5.1.4-11.1.aarch64",
"product": {
"name": "libavcodec59-5.1.4-11.1.aarch64",
"product_id": "libavcodec59-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavcodec59-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libavcodec59-32bit-5.1.4-10.1.aarch64",
"product_id": "libavcodec59-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavdevice59-5.1.4-11.1.aarch64",
"product": {
"name": "libavdevice59-5.1.4-11.1.aarch64",
"product_id": "libavdevice59-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavdevice59-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libavdevice59-32bit-5.1.4-10.1.aarch64",
"product_id": "libavdevice59-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavfilter8-5.1.4-11.1.aarch64",
"product": {
"name": "libavfilter8-5.1.4-11.1.aarch64",
"product_id": "libavfilter8-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavfilter8-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libavfilter8-32bit-5.1.4-10.1.aarch64",
"product_id": "libavfilter8-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavformat59-5.1.4-11.1.aarch64",
"product": {
"name": "libavformat59-5.1.4-11.1.aarch64",
"product_id": "libavformat59-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavformat59-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libavformat59-32bit-5.1.4-10.1.aarch64",
"product_id": "libavformat59-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavutil57-5.1.4-11.1.aarch64",
"product": {
"name": "libavutil57-5.1.4-11.1.aarch64",
"product_id": "libavutil57-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libavutil57-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libavutil57-32bit-5.1.4-10.1.aarch64",
"product_id": "libavutil57-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpostproc56-5.1.4-11.1.aarch64",
"product": {
"name": "libpostproc56-5.1.4-11.1.aarch64",
"product_id": "libpostproc56-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpostproc56-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libpostproc56-32bit-5.1.4-10.1.aarch64",
"product_id": "libpostproc56-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-5.1.4-11.1.aarch64",
"product": {
"name": "libswresample4_ff5-5.1.4-11.1.aarch64",
"product_id": "libswresample4_ff5-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"product_id": "libswresample4_ff5-32bit-5.1.4-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "libswscale6-5.1.4-11.1.aarch64",
"product": {
"name": "libswscale6-5.1.4-11.1.aarch64",
"product_id": "libswscale6-5.1.4-11.1.aarch64"
}
},
{
"category": "product_version",
"name": "libswscale6-32bit-5.1.4-10.1.aarch64",
"product": {
"name": "libswscale6-32bit-5.1.4-10.1.aarch64",
"product_id": "libswscale6-32bit-5.1.4-10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ffmpeg-5-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"product": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"product_id": "ffmpeg-5-private-devel-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavcodec59-5.1.4-11.1.ppc64le",
"product": {
"name": "libavcodec59-5.1.4-11.1.ppc64le",
"product_id": "libavcodec59-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavcodec59-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libavcodec59-32bit-5.1.4-10.1.ppc64le",
"product_id": "libavcodec59-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavdevice59-5.1.4-11.1.ppc64le",
"product": {
"name": "libavdevice59-5.1.4-11.1.ppc64le",
"product_id": "libavdevice59-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavdevice59-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libavdevice59-32bit-5.1.4-10.1.ppc64le",
"product_id": "libavdevice59-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavfilter8-5.1.4-11.1.ppc64le",
"product": {
"name": "libavfilter8-5.1.4-11.1.ppc64le",
"product_id": "libavfilter8-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavfilter8-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libavfilter8-32bit-5.1.4-10.1.ppc64le",
"product_id": "libavfilter8-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavformat59-5.1.4-11.1.ppc64le",
"product": {
"name": "libavformat59-5.1.4-11.1.ppc64le",
"product_id": "libavformat59-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavformat59-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libavformat59-32bit-5.1.4-10.1.ppc64le",
"product_id": "libavformat59-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavutil57-5.1.4-11.1.ppc64le",
"product": {
"name": "libavutil57-5.1.4-11.1.ppc64le",
"product_id": "libavutil57-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libavutil57-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libavutil57-32bit-5.1.4-10.1.ppc64le",
"product_id": "libavutil57-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpostproc56-5.1.4-11.1.ppc64le",
"product": {
"name": "libpostproc56-5.1.4-11.1.ppc64le",
"product_id": "libpostproc56-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpostproc56-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libpostproc56-32bit-5.1.4-10.1.ppc64le",
"product_id": "libpostproc56-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-5.1.4-11.1.ppc64le",
"product": {
"name": "libswresample4_ff5-5.1.4-11.1.ppc64le",
"product_id": "libswresample4_ff5-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"product_id": "libswresample4_ff5-32bit-5.1.4-10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libswscale6-5.1.4-11.1.ppc64le",
"product": {
"name": "libswscale6-5.1.4-11.1.ppc64le",
"product_id": "libswscale6-5.1.4-11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libswscale6-32bit-5.1.4-10.1.ppc64le",
"product": {
"name": "libswscale6-32bit-5.1.4-10.1.ppc64le",
"product_id": "libswscale6-32bit-5.1.4-10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ffmpeg-5-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"product": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"product_id": "ffmpeg-5-private-devel-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavcodec59-5.1.4-11.1.s390x",
"product": {
"name": "libavcodec59-5.1.4-11.1.s390x",
"product_id": "libavcodec59-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavcodec59-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libavcodec59-32bit-5.1.4-10.1.s390x",
"product_id": "libavcodec59-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libavdevice59-5.1.4-11.1.s390x",
"product": {
"name": "libavdevice59-5.1.4-11.1.s390x",
"product_id": "libavdevice59-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavdevice59-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libavdevice59-32bit-5.1.4-10.1.s390x",
"product_id": "libavdevice59-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libavfilter8-5.1.4-11.1.s390x",
"product": {
"name": "libavfilter8-5.1.4-11.1.s390x",
"product_id": "libavfilter8-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavfilter8-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libavfilter8-32bit-5.1.4-10.1.s390x",
"product_id": "libavfilter8-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libavformat59-5.1.4-11.1.s390x",
"product": {
"name": "libavformat59-5.1.4-11.1.s390x",
"product_id": "libavformat59-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavformat59-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libavformat59-32bit-5.1.4-10.1.s390x",
"product_id": "libavformat59-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libavutil57-5.1.4-11.1.s390x",
"product": {
"name": "libavutil57-5.1.4-11.1.s390x",
"product_id": "libavutil57-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libavutil57-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libavutil57-32bit-5.1.4-10.1.s390x",
"product_id": "libavutil57-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libpostproc56-5.1.4-11.1.s390x",
"product": {
"name": "libpostproc56-5.1.4-11.1.s390x",
"product_id": "libpostproc56-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libpostproc56-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libpostproc56-32bit-5.1.4-10.1.s390x",
"product_id": "libpostproc56-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-5.1.4-11.1.s390x",
"product": {
"name": "libswresample4_ff5-5.1.4-11.1.s390x",
"product_id": "libswresample4_ff5-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"product_id": "libswresample4_ff5-32bit-5.1.4-10.1.s390x"
}
},
{
"category": "product_version",
"name": "libswscale6-5.1.4-11.1.s390x",
"product": {
"name": "libswscale6-5.1.4-11.1.s390x",
"product_id": "libswscale6-5.1.4-11.1.s390x"
}
},
{
"category": "product_version",
"name": "libswscale6-32bit-5.1.4-10.1.s390x",
"product": {
"name": "libswscale6-32bit-5.1.4-10.1.s390x",
"product_id": "libswscale6-32bit-5.1.4-10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ffmpeg-5-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"product": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"product_id": "ffmpeg-5-private-devel-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavcodec59-5.1.4-11.1.x86_64",
"product": {
"name": "libavcodec59-5.1.4-11.1.x86_64",
"product_id": "libavcodec59-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavcodec59-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libavcodec59-32bit-5.1.4-10.1.x86_64",
"product_id": "libavcodec59-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavdevice59-5.1.4-11.1.x86_64",
"product": {
"name": "libavdevice59-5.1.4-11.1.x86_64",
"product_id": "libavdevice59-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavdevice59-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libavdevice59-32bit-5.1.4-10.1.x86_64",
"product_id": "libavdevice59-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavfilter8-5.1.4-11.1.x86_64",
"product": {
"name": "libavfilter8-5.1.4-11.1.x86_64",
"product_id": "libavfilter8-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavfilter8-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libavfilter8-32bit-5.1.4-10.1.x86_64",
"product_id": "libavfilter8-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavformat59-5.1.4-11.1.x86_64",
"product": {
"name": "libavformat59-5.1.4-11.1.x86_64",
"product_id": "libavformat59-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavformat59-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libavformat59-32bit-5.1.4-10.1.x86_64",
"product_id": "libavformat59-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavutil57-5.1.4-11.1.x86_64",
"product": {
"name": "libavutil57-5.1.4-11.1.x86_64",
"product_id": "libavutil57-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libavutil57-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libavutil57-32bit-5.1.4-10.1.x86_64",
"product_id": "libavutil57-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpostproc56-5.1.4-11.1.x86_64",
"product": {
"name": "libpostproc56-5.1.4-11.1.x86_64",
"product_id": "libpostproc56-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpostproc56-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libpostproc56-32bit-5.1.4-10.1.x86_64",
"product_id": "libpostproc56-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-5.1.4-11.1.x86_64",
"product": {
"name": "libswresample4_ff5-5.1.4-11.1.x86_64",
"product_id": "libswresample4_ff5-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"product_id": "libswresample4_ff5-32bit-5.1.4-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "libswscale6-5.1.4-11.1.x86_64",
"product": {
"name": "libswscale6-5.1.4-11.1.x86_64",
"product_id": "libswscale6-5.1.4-11.1.x86_64"
}
},
{
"category": "product_version",
"name": "libswscale6-32bit-5.1.4-10.1.x86_64",
"product": {
"name": "libswscale6-32bit-5.1.4-10.1.x86_64",
"product_id": "libswscale6-32bit-5.1.4-10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.aarch64"
},
"product_reference": "ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.ppc64le"
},
"product_reference": "ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.s390x"
},
"product_reference": "ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ffmpeg-5-private-devel-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.x86_64"
},
"product_reference": "ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.aarch64"
},
"product_reference": "libavcodec59-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.ppc64le"
},
"product_reference": "libavcodec59-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.s390x"
},
"product_reference": "libavcodec59-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.x86_64"
},
"product_reference": "libavcodec59-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libavcodec59-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libavcodec59-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libavcodec59-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavcodec59-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libavcodec59-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.aarch64"
},
"product_reference": "libavdevice59-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.ppc64le"
},
"product_reference": "libavdevice59-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.s390x"
},
"product_reference": "libavdevice59-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.x86_64"
},
"product_reference": "libavdevice59-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libavdevice59-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libavdevice59-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libavdevice59-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavdevice59-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libavdevice59-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.aarch64"
},
"product_reference": "libavfilter8-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.ppc64le"
},
"product_reference": "libavfilter8-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.s390x"
},
"product_reference": "libavfilter8-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.x86_64"
},
"product_reference": "libavfilter8-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libavfilter8-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libavfilter8-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libavfilter8-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavfilter8-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libavfilter8-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-5.1.4-11.1.aarch64"
},
"product_reference": "libavformat59-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-5.1.4-11.1.ppc64le"
},
"product_reference": "libavformat59-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-5.1.4-11.1.s390x"
},
"product_reference": "libavformat59-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-5.1.4-11.1.x86_64"
},
"product_reference": "libavformat59-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libavformat59-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libavformat59-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libavformat59-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavformat59-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libavformat59-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-5.1.4-11.1.aarch64"
},
"product_reference": "libavutil57-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-5.1.4-11.1.ppc64le"
},
"product_reference": "libavutil57-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-5.1.4-11.1.s390x"
},
"product_reference": "libavutil57-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-5.1.4-11.1.x86_64"
},
"product_reference": "libavutil57-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libavutil57-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libavutil57-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libavutil57-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libavutil57-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libavutil57-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.aarch64"
},
"product_reference": "libpostproc56-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.ppc64le"
},
"product_reference": "libpostproc56-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.s390x"
},
"product_reference": "libpostproc56-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.x86_64"
},
"product_reference": "libpostproc56-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libpostproc56-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libpostproc56-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libpostproc56-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpostproc56-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libpostproc56-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.aarch64"
},
"product_reference": "libswresample4_ff5-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.ppc64le"
},
"product_reference": "libswresample4_ff5-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.s390x"
},
"product_reference": "libswresample4_ff5-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.x86_64"
},
"product_reference": "libswresample4_ff5-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswresample4_ff5-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-5.1.4-11.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-5.1.4-11.1.aarch64"
},
"product_reference": "libswscale6-5.1.4-11.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-5.1.4-11.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-5.1.4-11.1.ppc64le"
},
"product_reference": "libswscale6-5.1.4-11.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-5.1.4-11.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-5.1.4-11.1.s390x"
},
"product_reference": "libswscale6-5.1.4-11.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-5.1.4-11.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-5.1.4-11.1.x86_64"
},
"product_reference": "libswscale6-5.1.4-11.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-32bit-5.1.4-10.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.aarch64"
},
"product_reference": "libswscale6-32bit-5.1.4-10.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-32bit-5.1.4-10.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.ppc64le"
},
"product_reference": "libswscale6-32bit-5.1.4-10.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-32bit-5.1.4-10.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.s390x"
},
"product_reference": "libswscale6-32bit-5.1.4-10.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libswscale6-32bit-5.1.4-10.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.x86_64"
},
"product_reference": "libswscale6-32bit-5.1.4-10.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-7272"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-7272",
"url": "https://www.suse.com/security/cve/CVE-2024-7272"
},
{
"category": "external",
"summary": "SUSE Bug 1229261 for CVE-2024-7272",
"url": "https://bugzilla.suse.com/1229261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavcodec-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavdevice-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavfilter-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavformat-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libavutil-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libpostproc-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswresample-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-libswscale-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:ffmpeg-5-private-devel-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavcodec59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavcodec59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavdevice59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavdevice59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavfilter8-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavfilter8-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavformat59-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavformat59-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libavutil57-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libavutil57-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libpostproc56-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libpostproc56-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswresample4_ff5-5.1.4-11.1.x86_64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.aarch64",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.s390x",
"openSUSE Tumbleweed:libswscale6-32bit-5.1.4-10.1.x86_64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.aarch64",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.ppc64le",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.s390x",
"openSUSE Tumbleweed:libswscale6-5.1.4-11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-27T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-7272"
}
]
}
BDU:2024-06374
Vulnerability from fstec - Published: 12.08.2024
VLAI Severity ?
Title
Уязвимость функции fill_audiodata файла /libswresample/swresample.c мультимедийной библиотеки FFmpeg, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость функции fill_audiodata файла /libswresample/swresample.c мультимедийной библиотеки FFmpeg связана с выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код
Severity ?
Vendor
ООО «РусБИТех-Астра», FFmpeg team, ООО «Открытая мобильная платформа»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), FFmpeg, ОС Аврора (запись в едином реестре российских программ №1543)
Software Version
1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), до 5.1.6 (FFmpeg), 1.8 (Astra Linux Special Edition), до 5.1.4 включительно (ОС Аврора)
Possible Mitigations
Установка обновлений из доверенных источников.
В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков.
Компенсирующие меры:
- использование антивирусного программного обеспечения для проверки файлов, полученных из недоверенных источников.
- использование SIEM-систем для отслеживания попыток эксплуатации уязвимости.
Использование рекомендаций производителя:
https://ffmpeg.org/
Для Astra Linux Special Edition 4.7 для архитектуры ARM:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
Для ОС Astra Linux:
обновить пакет ffmpeg до 7:5.1.6-0+deb12u1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD
Для ОС Astra Linux:
обновить пакет ffmpeg5 до 7:5.1.3-1astra11+ci1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17
Для ОС Аврора: https://cve.omp.ru/bb27514
Reference
https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5
https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6
https://ffmpeg.org
https://vuldb.com/?id.273945
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47
https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17
https://cve.omp.ru/bb27514
CWE
CWE-122, CWE-787
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, FFmpeg team, \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u0434\u043e 5.1.6 (FFmpeg), 1.8 (Astra Linux Special Edition), \u0434\u043e 5.1.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0438\u0437 \u043d\u0435\u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432.\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c \u0434\u043b\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://ffmpeg.org/\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ffmpeg \u0434\u043e 7:5.1.6-0+deb12u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ffmpeg5 \u0434\u043e 7:5.1.3-1astra11+ci1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430: https://cve.omp.ru/bb27514",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.08.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.09.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.08.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-06374",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-7272",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), FFmpeg, \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u041e\u0442\u043a\u0440\u044b\u0442\u0430\u044f \u043c\u043e\u0431\u0438\u043b\u044c\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u00bb \u041e\u0421 \u0410\u0432\u0440\u043e\u0440\u0430 \u0434\u043e 5.1.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161543)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 fill_audiodata \u0444\u0430\u0439\u043b\u0430 /libswresample/swresample.c \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 FFmpeg, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CWE-122), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 fill_audiodata \u0444\u0430\u0439\u043b\u0430 /libswresample/swresample.c \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0439\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 FFmpeg \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5\nhttps://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6\nhttps://ffmpeg.org\nhttps://vuldb.com/?id.273945\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-1031SE47\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0114SE18MD\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0319SE17\nhttps://cve.omp.ru/bb27514",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-122, CWE-787",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
GHSA-7Q2G-J3R8-HGWH
Vulnerability from github – Published: 2024-08-12 15:30 – Updated: 2024-08-12 15:30
VLAI?
Details
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.
Severity ?
6.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-7272"
],
"database_specific": {
"cwe_ids": [
"CWE-122",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-12T13:38:40Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.",
"id": "GHSA-7q2g-j3r8-hgwh",
"modified": "2024-08-12T15:30:51Z",
"published": "2024-08-12T15:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7272"
},
{
"type": "WEB",
"url": "https://ffmpeg.org"
},
{
"type": "WEB",
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc5"
},
{
"type": "WEB",
"url": "https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc6"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.273945"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.273945"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
WID-SEC-W-2024-1760
Vulnerability from csaf_certbund - Published: 2024-08-05 22:00 - Updated: 2025-10-15 22:00Summary
ffmpeg: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das FFmpeg-Projekt besteht aus freien Programmen und Bibliotheken, die es ermöglichen, digitales Video- und Audiomaterial aufzunehmen, zu konvertieren, zu streamen und abzuspielen. Zudem enthält es mit libavcodec eine Audio- und Video-Codec-Sammlung, die verschiedene Codecs zur Verfügung stellt.
Angriff: Ein Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das FFmpeg-Projekt besteht aus freien Programmen und Bibliotheken, die es erm\u00f6glichen, digitales Video- und Audiomaterial aufzunehmen, zu konvertieren, zu streamen und abzuspielen. Zudem enth\u00e4lt es mit libavcodec eine Audio- und Video-Codec-Sammlung, die verschiedene Codecs zur Verf\u00fcgung stellt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1760 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1760.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1760 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1760"
},
{
"category": "external",
"summary": "FFmpeg Security vom 2024-08-05",
"url": "https://ffmpeg.org/security.html"
},
{
"category": "external",
"summary": "FFmpeg Download vom 2024-08-05",
"url": "https://ffmpeg.org/download.html#releases"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-0462A59D45 vom 2024-08-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-0462a59d45"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5748 vom 2024-08-14",
"url": "https://security-tracker.debian.org/tracker/DSA-5748-1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14339-1 vom 2024-09-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RIDSFTM256P7QTXFMC5QSC6VIJKSS3TQ/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14344-1 vom 2024-09-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BGHBNX4J5LWQPGGAY4MMCALQMW465IX6/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14343-1 vom 2024-09-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EUS3XOB45IICEJXVEPZ3N7N2LWQEGTJ2/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3301-1 vom 2024-09-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019456.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3358-1 vom 2024-09-22",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QSQTWHIT3RNQD76Y6EXZ2KRSSDTFBGUA/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14384-1 vom 2024-10-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RB44IOXPMKDZE3AOZD7CSIRL7ACFB2AV/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3928 vom 2024-10-21",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00019.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0862-1 vom 2025-03-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020516.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7823-1 vom 2025-10-16",
"url": "https://ubuntu.com/security/notices/USN-7823-1"
}
],
"source_lang": "en-US",
"title": "ffmpeg: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2025-10-15T22:00:00.000+00:00",
"generator": {
"date": "2025-10-16T10:09:35.208+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-1760",
"initial_release_date": "2024-08-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-09-17T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-09-18T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE und SUSE aufgenommen"
},
{
"date": "2024-09-22T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-06T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-10-21T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-03-16T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.0.2",
"product": {
"name": "Open Source ffmpeg \u003c7.0.2",
"product_id": "T036597"
}
},
{
"category": "product_version",
"name": "7.0.2",
"product": {
"name": "Open Source ffmpeg 7.0.2",
"product_id": "T036597-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ffmpeg:ffmpeg:7.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1.2",
"product": {
"name": "Open Source ffmpeg \u003c6.1.2",
"product_id": "T036598"
}
},
{
"category": "product_version",
"name": "6.1.2",
"product": {
"name": "Open Source ffmpeg 6.1.2",
"product_id": "T036598-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ffmpeg:ffmpeg:6.1.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.1.6",
"product": {
"name": "Open Source ffmpeg \u003c5.1.6",
"product_id": "T036599"
}
},
{
"category": "product_version",
"name": "5.1.6",
"product": {
"name": "Open Source ffmpeg 5.1.6",
"product_id": "T036599-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ffmpeg:ffmpeg:5.1.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.4.5",
"product": {
"name": "Open Source ffmpeg \u003c4.4.5",
"product_id": "T036600"
}
},
{
"category": "product_version",
"name": "4.4.5",
"product": {
"name": "Open Source ffmpeg 4.4.5",
"product_id": "T036600-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ffmpeg:ffmpeg:4.4.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.3.8",
"product": {
"name": "Open Source ffmpeg \u003c4.3.8",
"product_id": "T036601"
}
},
{
"category": "product_version",
"name": "4.3.8",
"product": {
"name": "Open Source ffmpeg 4.3.8",
"product_id": "T036601-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ffmpeg:ffmpeg:4.3.8"
}
}
}
],
"category": "product_name",
"name": "ffmpeg"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7055",
"product_status": {
"known_affected": [
"2951",
"T002207",
"T036601",
"T000126",
"T027843",
"T036597",
"T036598",
"T036599",
"T036600",
"74185"
]
},
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2024-7055"
},
{
"cve": "CVE-2024-7272",
"product_status": {
"known_affected": [
"2951",
"T002207",
"T000126",
"T027843",
"T036599",
"74185"
]
},
"release_date": "2024-08-05T22:00:00.000+00:00",
"title": "CVE-2024-7272"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…