CVE-2019-9718

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkupto_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

References

Affected packages

Debian:11 / ffmpeg

Package

Name: ffmpeg
Purl: pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7:4.1.3-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / ffmpeg

Package

Name: ffmpeg
Purl: pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7:4.1.3-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / ffmpeg

Package

Name: ffmpeg
Purl: pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7:4.1.3-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / ffmpeg

Package

Name: ffmpeg
Purl: pkg:deb/debian/ffmpeg?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7:4.1.3-1

Ecosystem specific

{
    "urgency": "low"
}

Git / git.ffmpeg.org/ffmpeg.git

Affected ranges

Type: GIT
Repo: https://git.ffmpeg.org/ffmpeg.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1f00c97bc3475c477f3c468cf2d924d5761d0982

Type: GIT
Repo: https://github.com/ffmpeg/ffmpeg
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

23ccf3cabb4baf6e8af4b1af3fcc59c904736f21

Affected versions

Other

n0.*

n0.11-dev

n0.12-dev

n0.8

n1.*

n1.1-dev

n1.2-dev

n1.3-dev

n2.*

n2.0

n2.1-dev

n2.2-dev

n2.3-dev

n2.4-dev

n2.5-dev

n2.6-dev

n2.7-dev

n2.8-dev

n2.9-dev

n3.*

n3.1-dev

n3.2

n3.2-dev

n3.2.1

n3.2.10

n3.2.11

n3.2.12

n3.2.13

n3.2.2

n3.2.3

n3.2.4

n3.2.5

n3.2.6

n3.2.7

n3.2.8

n3.2.9

n3.3-dev

n3.4-dev

n3.5-dev

n4.*

n4.1-dev

n4.2-dev

Database specific

{
    "vanir_signatures": [
        {
            "source": "https://github.com/ffmpeg/ffmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2019-9718-755ab778",
            "digest": {
                "function_hash": "134429341697870814247987316111924007456",
                "length": 3632.0
            },
            "signature_type": "Function",
            "target": {
                "file": "libavcodec/htmlsubtitles.c",
                "function": "ff_htmlmarkup_to_ass"
            }
        },
        {
            "source": "https://github.com/ffmpeg/ffmpeg/commit/23ccf3cabb4baf6e8af4b1af3fcc59c904736f21",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2019-9718-da1a4911",
            "digest": {
                "line_hashes": [
                    "146229409084369695006291932218330531278",
                    "186871920662715219977446106701134555870",
                    "310562769026243982809424482522257025845",
                    "34344457376983665913898773828430549216",
                    "260166848363255873671710857472511837215",
                    "80024346695892532889397988976103392180",
                    "202968329324838149850240999019982554458"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "target": {
                "file": "libavcodec/htmlsubtitles.c"
            }
        }
    ]
}