CVE-2020-22028

Published: 26 May 2021

Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service.

Priority

6.5

Package	Release	Status
ffmpeg Launchpad, Ubuntu, Debian	bionic	Released (7:3.4.11-0ubuntu0.1)
	focal	Released (7:4.2.7-0ubuntu0.1)
	groovy	Not vulnerable (7:4.3.1-4ubuntu1)
	hirsute	Not vulnerable (7:4.3.1-4ubuntu1)
	impish	Not vulnerable (7:4.4-6ubuntu5)
	jammy	Not vulnerable (7:4.4.1-3ubuntu2)
	kinetic	Not vulnerable (7:4.4.1-3ubuntu2)
	lunar	Not vulnerable (7:4.4.1-3ubuntu2)
	trusty	Does not exist
	upstream	Released (4.3)
	xenial	Not vulnerable (code not present)
	Patches: upstream: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/f069a9c2a65bc20c3462127623127df6dfd06c5b
qtwebengine-opensource-src Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	hirsute	Ignored (reached end-of-life)
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	kinetic	Needs triage
	lunar	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	xenial	Ignored (out of standard support)
vice Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	hirsute	Ignored (reached end-of-life)
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	kinetic	Needs triage
	lunar	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	xenial	Needs triage

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.