Wind River Support Network

HomeDefectsLIN6-10322
Fixed

LIN6-10322 : Security Advisory - gst-ffmpeg - CVE-2015-6823

Created: Sep 14, 2015    Updated: Dec 3, 2018
Resolved Date: Oct 12, 2015
Found In Version: 6.0.0.24
Fix Version: 6.0.0.26
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted Apple Lossless Audio Codec (ALAC) data.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6823

Other Downloads


Live chat
Online