vulnerability

SUSE: CVE-2021-3566: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Aug 5, 2021	Oct 27, 2021	Oct 26, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Aug 5, 2021

Added

Oct 27, 2021

Modified

Oct 26, 2022

Description

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).

Solutions

suse-upgrade-ffmpegsuse-upgrade-ffmpeg-private-develsuse-upgrade-libavcodec-develsuse-upgrade-libavcodec57suse-upgrade-libavcodec57-32bitsuse-upgrade-libavdevice-develsuse-upgrade-libavdevice57suse-upgrade-libavdevice57-32bitsuse-upgrade-libavfilter-develsuse-upgrade-libavfilter6suse-upgrade-libavfilter6-32bitsuse-upgrade-libavformat-develsuse-upgrade-libavformat57suse-upgrade-libavformat57-32bitsuse-upgrade-libavresample-develsuse-upgrade-libavresample3suse-upgrade-libavresample3-32bitsuse-upgrade-libavresample3-64bitsuse-upgrade-libavutil-develsuse-upgrade-libavutil55suse-upgrade-libavutil55-32bitsuse-upgrade-libpostproc-develsuse-upgrade-libpostproc54suse-upgrade-libpostproc54-32bitsuse-upgrade-libswresample-develsuse-upgrade-libswresample2suse-upgrade-libswresample2-32bitsuse-upgrade-libswscale-develsuse-upgrade-libswscale4suse-upgrade-libswscale4-32bit

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today