SB2025050525 - SUSE update for ffmpeg

Description

This security bulletin contains information about 7 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2023-51793)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in image_copy_plane() function in libavutil/imgutils.c. A remote attacker can pass specially crafted input to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Double free (CVE-ID: CVE-2024-35365)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the new_stream_audio() function in fftools/ffmpeg_mux_init.c. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Double free (CVE-ID: CVE-2024-35368)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the rkmpp_retrieve_frame() function in libavcodec/rkmppdec.c. A remote attacker can pass specially crafted data to the application, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

4) Integer overflow (CVE-ID: CVE-2024-36613)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow within the dxa_read_header() function in libavformat/dxa.c. A remote attacker can pass specially crafted image to the application, trigger integer overflow and perform a denial of service (DoS) attack.

5) Out-of-bounds read (CVE-ID: CVE-2025-0518)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in libavfilter/af_pan.c. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds read error and read contents of memory on the system.

6) Reachable assertion (CVE-ID: CVE-2025-22919)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the init_audio() function in libavfilter/buffersrc.c. A remote attacker can pass a specially crafted AAC file to the application, trigger an assertion failure and perform a denial of service (DoS) attack.

7) Buffer overflow (CVE-ID: CVE-2025-22921)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a boundary error within the jpeg2000_decode_packet() function in libavcodec/jpeg2000dec.c. A remote attacker can create a specially crafted input to the application,trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://www.suse.com/support/update/announcement/2025/suse-su-20251450-1/