ГлавнаяУязвимости → CVE-2023-49502
8.8высокая

CVE-2023-49502

→ есть в БДУ: BDU:2024-05032 (на русском)
Описание (на английском; русское — в БДУ выше)

Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

Затрагиваемое ПО
Ffmpeg FfmpegFedoraproject Fedora
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://github.com/FFmpeg/FFmpeghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/https://trac.ffmpeg.org/ticket/10688https://github.com/FFmpeg/FFmpeghttps://lists.debian.org/debian-lts-announce/2024/10/msg00019.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/