1
PublicDateAtUSN: 2015-01-16
2
Candidate: CVE-2014-9604
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9604
6
https://usn.ubuntu.com/usn/usn-2534-1
8
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero
9
value of a slice height, which allows remote attackers to cause a denial of
10
service (out-of-bounds array access) or possibly have unspecified other
11
impact via crafted Ut Video data, related to the (1) restore_median and (2)
12
restore_median_il functions.
16
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775593
18
Discovered-by: Mateusz Jurczyk and Gynvael Coldwind
22
upstream: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f
23
upstream_ffmpeg: released (7:2.5.1-1)
24
lucid_ffmpeg: ignored (reached end-of-life)
28
vivid_ffmpeg: not-affected (7:2.5.4-1)
29
vivid/stable-phone-overlay_ffmpeg: DNE
30
vivid/ubuntu-core_ffmpeg: DNE
31
wily_ffmpeg: not-affected (7:2.5.4-1)
32
devel_ffmpeg: not-affected (7:2.5.4-1)
35
upstream_libav: released (0.8.17,11.3,10.6,9.18)
37
precise_libav: released (4:0.8.17-0ubuntu0.12.04.1)
38
trusty_libav: released (6:9.18-0ubuntu0.14.04.1)
39
utopic_libav: ignored (reached end-of-life)
40
vivid_libav: ignored (reached end-of-life)
41
vivid/stable-phone-overlay_libav: DNE
42
vivid/ubuntu-core_libav: DNE