]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aa68992) | patch
ffmpeg: fix CVE-2025-1594
authorArchana Polampalli <archana.polampalli@windriver.com>
Fri, 5 Sep 2025 05:40:45 +0000 (11:10 +0530)
committerSteve Sakoman <steve@sakoman.com>
Fri, 5 Sep 2025 13:39:28 +0000 (06:39 -0700)
commit5a922eb95da7d373ee2bc3018065448fa128e69a
tree42990d437b80f19dfde9accb95a4e46f143e5198tree | snapshot
parentaa68992ddc5744bb4fdbb3a3cd0636b303449be2commit | diff
ffmpeg: fix CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c
of the component AAC Encoder. The manipulation leads to stack-based buffer overflow.
It is possible to initiate the attack remotely. The exploit has been disclosed to
the public and may be used.

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch [new file with mode: 0644] blob
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib