From 747e9ec550a6102328ebbdb4029b80e77a3d26e7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 4 Jan 2021 20:01:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/14xxx/CVE-2017-14169.json | 7 ++++++- 2019/9xxx/CVE-2019-9721.json | 7 ++++++- 2020/13xxx/CVE-2020-13765.json | 7 ++++++- 2020/13xxx/CVE-2020-13904.json | 7 ++++++- 2020/8xxx/CVE-2020-8908.json | 10 ++++++++++ 5 files changed, 34 insertions(+), 4 deletions(-) diff --git a/2017/14xxx/CVE-2017-14169.json b/2017/14xxx/CVE-2017-14169.json index a70f6967acb..0add601dc5b 100644 --- a/2017/14xxx/CVE-2017-14169.json +++ b/2017/14xxx/CVE-2017-14169.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3, an integer signedness error might occur when a crafted file, which claims a large \"item_num\" field such as 0xffffffff, is provided. As a result, the variable \"item_num\" turns negative, bypassing the check for a large value." + "value": "In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large \"item_num\" field such as 0xffffffff, is provided. As a result, the variable \"item_num\" turns negative, bypassing the check for a large value." } ] }, @@ -71,6 +71,11 @@ "name": "DSA-3996", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3996" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/FFmpeg/FFmpeg/commit/a4e85b2e1c8d5b4bf0091157bbdeb0e457fb7b8f", + "url": "https://github.com/FFmpeg/FFmpeg/commit/a4e85b2e1c8d5b4bf0091157bbdeb0e457fb7b8f" } ] } diff --git a/2019/9xxx/CVE-2019-9721.json b/2019/9xxx/CVE-2019-9721.json index bbc1204f344..594ede8768c 100644 --- a/2019/9xxx/CVE-2019-9721.json +++ b/2019/9xxx/CVE-2019-9721.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A denial of service in the subtitle decoder in FFmpeg 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf." + "value": "A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf." } ] }, @@ -66,6 +66,11 @@ "refsource": "UBUNTU", "name": "USN-3967-1", "url": "https://usn.ubuntu.com/3967-1/" + }, + { + "refsource": "MISC", + "name": "https://github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774", + "url": "https://github.com/FFmpeg/FFmpeg/commit/273f2755ce8635d42da3cde0eeba15b2e7842774" } ] } diff --git a/2020/13xxx/CVE-2020-13765.json b/2020/13xxx/CVE-2020-13765.json index a76c62077d7..82544ea9480 100644 --- a/2020/13xxx/CVE-2020-13765.json +++ b/2020/13xxx/CVE-2020-13765.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "rom_copy() in hw/core/loader.c in QEMU 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation." + "value": "rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation." } ] }, @@ -81,6 +81,11 @@ "refsource": "UBUNTU", "name": "USN-4467-1", "url": "https://usn.ubuntu.com/4467-1/" + }, + { + "refsource": "MISC", + "name": "https://github.com/qemu/qemu/commit/4f1c6cb2f9afafda05eab150fd2bd284edce6676", + "url": "https://github.com/qemu/qemu/commit/4f1c6cb2f9afafda05eab150fd2bd284edce6676" } ] } diff --git a/2020/13xxx/CVE-2020-13904.json b/2020/13xxx/CVE-2020-13904.json index 77ec54de7c6..01edbdc5c4d 100644 --- a/2020/13xxx/CVE-2020-13904.json +++ b/2020/13xxx/CVE-2020-13904.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "FFmpeg 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c." + "value": "FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c." } ] }, @@ -81,6 +81,11 @@ "refsource": "GENTOO", "name": "GLSA-202007-58", "url": "https://security.gentoo.org/glsa/202007-58" + }, + { + "refsource": "MISC", + "name": "https://github.com/FFmpeg/FFmpeg/commit/6959358683c7533f586c07a766acc5fe9544d8b2", + "url": "https://github.com/FFmpeg/FFmpeg/commit/6959358683c7533f586c07a766acc5fe9544d8b2" } ] } diff --git a/2020/8xxx/CVE-2020-8908.json b/2020/8xxx/CVE-2020-8908.json index 08f5e186cb4..944d8e4ae81 100644 --- a/2020/8xxx/CVE-2020-8908.json +++ b/2020/8xxx/CVE-2020-8908.json @@ -101,6 +101,16 @@ "refsource": "MLIST", "name": "[ws-commits] 20210104 [ws-wss4j] branch 2_3_x-fixes updated: Updating Guava to 30.1 due to CVE-2020-8908", "url": "https://lists.apache.org/thread.html/r215b3d50f56faeb2f9383505f3e62faa9f549bb23e8a9848b78a968e@%3Ccommits.ws.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[cxf-commits] 20210104 [cxf] 03/04: Updating Guava to 30.1 due to CVE-2020-8908", + "url": "https://lists.apache.org/thread.html/rb8c0f1b7589864396690fe42a91a71dea9412e86eec66dc85bbacaaf@%3Ccommits.cxf.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[cxf-commits] 20210104 [cxf] 02/02: Updating Guava to 30.1 due to CVE-2020-8908", + "url": "https://lists.apache.org/thread.html/r4776f62dfae4a0006658542f43034a7fc199350e35a66d4e18164ee6@%3Ccommits.cxf.apache.org%3E" } ] },