CVE-2018-1999014
Published: 23 July 2018
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.
Notes
| Author | Note |
|---|---|
| mdeslaur | marking chromium-browser as ignored, since we do full-version updates, and rely on upstream's bundled ffmpeg version |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ffmpeg Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
|
| impish |
Not vulnerable
(7:4.1-1)
|
|
| kinetic |
Not vulnerable
(7:4.1-1)
|
|
| cosmic |
Not vulnerable
|
|
| disco |
Not vulnerable
(7:4.1-1)
|
|
| eoan |
Not vulnerable
(7:4.1-1)
|
|
| focal |
Not vulnerable
(7:4.1-1)
|
|
| groovy |
Not vulnerable
(7:4.1-1)
|
|
| hirsute |
Not vulnerable
(7:4.1-1)
|
|
| jammy |
Not vulnerable
(7:4.1-1)
|
|
| lunar |
Not vulnerable
(7:4.1-1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| mantic |
Not vulnerable
(7:4.1-1)
|
|
|
Patches: upstream: https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 |
||
|
qtwebengine-opensource-src Launchpad, Ubuntu, Debian |
kinetic |
Ignored
(end of life, was needs-triage)
|
| impish |
Ignored
(end of life)
|
|
| bionic |
Needs triage
|
|
| cosmic |
Ignored
(end of life)
|
|
| disco |
Ignored
(end of life)
|
|
| eoan |
Ignored
(end of life)
|
|
| focal |
Needs triage
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| jammy |
Needs triage
|
|
| lunar |
Needs triage
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
| mantic |
Needs triage
|
|
|
gst-libav1.0 Launchpad, Ubuntu, Debian |
impish |
Ignored
(end of life)
|
| kinetic |
Ignored
(end of life, was needs-triage)
|
|
| xenial |
Needs triage
|
|
| bionic |
Needs triage
|
|
| cosmic |
Ignored
(end of life)
|
|
| disco |
Ignored
(end of life)
|
|
| eoan |
Ignored
(end of life)
|
|
| focal |
Needs triage
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| jammy |
Needs triage
|
|
| lunar |
Needs triage
|
|
| trusty |
Does not exist
(trusty was needs-triage)
|
|
| upstream |
Needs triage
|
|
| mantic |
Needs triage
|
|
|
kino Launchpad, Ubuntu, Debian |
impish |
Ignored
(end of life)
|
| kinetic |
Does not exist
|
|
| xenial |
Needs triage
|
|
| bionic |
Needs triage
|
|
| cosmic |
Ignored
(end of life)
|
|
| disco |
Ignored
(end of life)
|
|
| eoan |
Ignored
(end of life)
|
|
| focal |
Needs triage
|
|
| groovy |
Ignored
(end of life)
|
|
| hirsute |
Ignored
(end of life)
|
|
| jammy |
Needs triage
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
(trusty was needs-triage)
|
|
| upstream |
Needs triage
|
|
| mantic |
Does not exist
|
|
|
chromium-browser Launchpad, Ubuntu, Debian |
bionic |
Ignored
|
| cosmic |
Ignored
|
|
| disco |
Ignored
|
|
| eoan |
Ignored
|
|
| focal |
Ignored
|
|
| groovy |
Ignored
|
|
| hirsute |
Ignored
|
|
| impish |
Ignored
|
|
| jammy |
Ignored
|
|
| kinetic |
Ignored
|
|
| lunar |
Ignored
|
|
| trusty |
Does not exist
(trusty was ignored [no longer updated])
|
|
| upstream |
Released
|
|
| xenial |
Ignored
|
|
| mantic |
Ignored
|
|
|
oxide-qt Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| eoan |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
(trusty was ignored [Ubuntu touch end-of-life])
|
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(Ubuntu touch end-of-life)
|
|
| mantic |
Does not exist
|
|
|
vlc Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
| cosmic |
Not vulnerable
(code not present)
|
|
| disco |
Not vulnerable
(code not present)
|
|
| eoan |
Not vulnerable
(code not present)
|
|
| focal |
Not vulnerable
(code not present)
|
|
| groovy |
Not vulnerable
(code not present)
|
|
| hirsute |
Not vulnerable
(code not present)
|
|
| impish |
Not vulnerable
(code not present)
|
|
| jammy |
Not vulnerable
(code not present)
|
|
| kinetic |
Not vulnerable
(code not present)
|
|
| lunar |
Not vulnerable
(code not present)
|
|
| trusty |
Does not exist
|
|
| upstream |
Not vulnerable
(code not present)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
| mantic |
Not vulnerable
(code not present)
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |