1
Candidate: CVE-2017-14054
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14054
5
https://github.com/FFmpeg/FFmpeg/commit/124eb202e70678539544f6268efc98131f19fa49
7
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to
8
lack of an EOF (End of File) check might cause huge CPU consumption. When a
9
crafted IVR file, which claims a large "len" field in the header but does
10
not contain sufficient backing data, is provided, the first type==4 loop
11
would consume huge CPU resources, since there is no EOF check inside the
21
upstream_ffmpeg: needs-triage
22
precise/esm_ffmpeg: DNE
24
vivid/ubuntu-core_ffmpeg: DNE
25
xenial_ffmpeg: needs-triage
26
zesty_ffmpeg: ignored (reached end-of-life)