CVE-2015-6822

描述

The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via crafted LucasArts Smush video data.

受影響套件(2)

• Debian/ffmpegfrom 0, < 7:2.7.2-1
• Debian/libavfrom 0, < 6:11.12-1~deb8u3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-6822