« List of all CVEs

CVE-2021-38171

Published: 8/21/2021 Last updated: 8/4/2024 Reserved: 8/7/2021

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

conf-ffmpeg ffmpeg opus

Products affected (1)

Product Vendor Version
n/a n/a ArubaOS 8.10.x.x: 8.10.0.4 and below

References (12)