CVE-2015-8218

EPSS 0.43%

Published: 11/17/2015Modified: 4/28/2026

Description

The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data.

Affected packages (1)

Debian/ffmpegfrom 0, < 7:2.8.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-8218