Your submission was sent successfully! Close

CVE-2018-12460

Published: 15 June 2018

libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
ffmpeg
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(debian: Introduced after 3.4)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(code not present)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(code not present)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist