package/ffmpeg: fix CVE-2020-12284 (aab52d87) · Commits · Arm Reference Solutions / buildroot

Commit aab52d87 authored May 07, 2020 by Fabrice Fontaine Committed by Thomas Petazzoni May 09, 2020

package/ffmpeg: fix CVE-2020-12284



cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a
heap-based buffer overflow during JPEG_MARKER_SOS handling because of a
missing length check.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

parent 2452aa18

Hide whitespace changes

Inline Side-by-side

Please register or to comment