Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-3109HistoryDec 16, 2022 - 3:15 p.m.
CVE-2022-3109
2022-12-1615:15:09
Debian Security Bug Tracker
security-tracker.debian.org
20
ffmpeg
null pointer dereference
availability
vp3_decode_frame
av_malloc
libavcodec/vp3.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
50.3%
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ffmpeg | < 7:5.1-1 | ffmpeg_7:5.1-1_all.deb |
| Debian | 11 | all | ffmpeg | < 7:4.3.6-0+deb11u1 | ffmpeg_7:4.3.6-0+deb11u1_all.deb |
| Debian | 999 | all | ffmpeg | < 7:5.1-1 | ffmpeg_7:5.1-1_all.deb |
| Debian | 13 | all | ffmpeg | < 7:5.1-1 | ffmpeg_7:5.1-1_all.deb |
Related
veracode
veracode
Denial Of Service (DoS)
2022-12-24 12:21:49
nvd
nvd
CVE-2022-3109
2022-12-16 15:15:09
osv
osv
ffmpeg - security update
2023-04-30 00:00:00
CVE-2022-3109
2022-12-16 15:15:09
ffmpeg - security update
2023-06-13 00:00:00
openvas
openvas
openSUSE: Security Advisory for ffmpeg (SUSE-SU-2023:0007-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0007-1)
2023-01-03 00:00:00
Mageia: Security Advisory (MGASA-2023-0004)
2023-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2022-3109
2022-12-16 00:00:00
prion
prion
Null pointer dereference
2022-12-16 15:15:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : ffmpeg-4 (SUSE-SU-2023:0008-1)
2023-01-03 00:00:00
Debian DSA-5394-1 : ffmpeg - security update
2023-05-01 00:00:00
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2023:0007-1)
2023-01-03 00:00:00
cvelist
cvelist
CVE-2022-3109
2022-12-16 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerability
2023-01-13 20:37:09
cve
cve
CVE-2022-3109
2022-12-16 15:15:09
debian
debian
[SECURITY] [DSA 5394-1] ffmpeg security update
2023-04-30 19:03:39
[SECURITY] [DLA 3454-1] ffmpeg security update
2023-06-13 15:17:45
fedora
fedora
[SECURITY] Fedora 36 Update: ffmpeg-5.0.3-1.fc36
2023-04-22 01:12:24
freebsd
freebsd
ffmpeg -- multiple vulnerabilities
2022-11-12 00:00:00
cloudfoundry
cloudfoundry
USN-5958-1: FFmpeg vulnerabilities | Cloud Foundry
2023-05-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2277
2023-10-22 06:34:44
ubuntu
ubuntu
FFmpeg vulnerabilities
2023-03-16 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
50.3%
Related for DEBIANCVE:CVE-2022-3109