The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"100318797512033389861596406043917782503",
"42408459506568958247370082256356681273",
"100367277278541251270000646040197848271",
"96566641927395137501024928058526547591",
"286852269919824558371675813279522387154",
"312411931610969508313865823536847928594",
"95054869301316943179642178040691984832",
"62623119817135350831957929639482943635",
"280972317271835893866219047354187031203",
"95172754879147607128967802744936275167",
"174214833522849791567883213859353312572"
]
},
"target": {
"file": "libavcodec/dnxhddec.c"
},
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e",
"signature_version": "v1",
"id": "CVE-2017-11719-078497e0"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"201767448780033427295959325489329433342",
"42408459506568958247370082256356681273",
"100367277278541251270000646040197848271",
"96566641927395137501024928058526547591",
"286852269919824558371675813279522387154",
"312411931610969508313865823536847928594",
"95054869301316943179642178040691984832",
"62623119817135350831957929639482943635",
"280972317271835893866219047354187031203",
"95172754879147607128967802744936275167",
"174214833522849791567883213859353312572"
]
},
"target": {
"file": "libavcodec/dnxhddec.c"
},
"signature_type": "Line",
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92",
"signature_version": "v1",
"id": "CVE-2017-11719-4cc60eb6"
},
{
"digest": {
"length": 5395.0,
"function_hash": "172783280181002362027889072661273690051"
},
"target": {
"function": "dnxhd_decode_header",
"file": "libavcodec/dnxhddec.c"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/296debd213bd6dce7647cedd34eb64e5b94cdc92",
"signature_version": "v1",
"id": "CVE-2017-11719-8a35a4ce"
},
{
"digest": {
"length": 5024.0,
"function_hash": "280771450698735831455461045613898131147"
},
"target": {
"function": "dnxhd_decode_header",
"file": "libavcodec/dnxhddec.c"
},
"signature_type": "Function",
"deprecated": false,
"source": "https://github.com/ffmpeg/ffmpeg/commit/f31fc4755f69ab26bf6e8be47875b7dcede8e29e",
"signature_version": "v1",
"id": "CVE-2017-11719-ddb34b56"
}
]