UBUNTU-CVE-2024-7055
- Source
- https://ubuntu.com/security/CVE-2024-7055
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-7055.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-7055
- Upstream
- Downstream
- Related
- Published
- 2024-08-06T06:15:00Z
- Modified
- 2025-10-24T05:06:46Z
- Severity
-
- 6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.
- References
-
- https://ubuntu.com/security/CVE-2024-7055
- https://www.cve.org/CVERecord?id=CVE-2024-7055
- https://vuldb.com/?id.273651
- https://vuldb.com/?ctiid.273651
- https://vuldb.com/?submit.376532
- https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc3
- https://ffmpeg.org/download.html
- https://ffmpeg.org/
- https://ubuntu.com/security/notices/USN-7823-1
Affected packages
Ubuntu:Pro:14.04:LTS / libav
Package
- Name
- libav
- Purl
- pkg:deb/ubuntu/libav@6:9.20-0ubuntu0.14.04.1+esm1?arch=source&distro=esm-infra-legacy/trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
6:0.*
6:0.8.7-1ubuntu2
6:9.*
6:9.10-1ubuntu1
6:9.10-1ubuntu2
6:9.10-1ubuntu5
6:9.10-1ubuntu6
6:9.10-1ubuntu7
6:9.11-2ubuntu1
6:9.11-2ubuntu2
6:9.13-0ubuntu0.14.04.1
6:9.14-0ubuntu0.14.04.1
6:9.16-0ubuntu0.14.04.1
6:9.18-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libav-tools",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavcodec-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavcodec-extra",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavcodec-extra-54",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavcodec54",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavdevice-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavdevice-extra-53",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavdevice53",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavfilter-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavfilter-extra-3",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavfilter3",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavformat-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavformat-extra-54",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavformat54",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavresample-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavresample1",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavutil-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavutil-extra-52",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libavutil52",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libswscale-dev",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libswscale-extra-2",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
},
{
"binary_name": "libswscale2",
"binary_version": "6:9.20-0ubuntu0.14.04.1+esm1"
}
]
}
Ubuntu:Pro:22.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:4.4.2-0ubuntu0.22.04.1+esm9?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7:4.4.2-0ubuntu0.22.04.1+esm9
Affected versions
7:4.*
7:4.4-6ubuntu5
7:4.4.1-2ubuntu1
7:4.4.1-3ubuntu1
7:4.4.1-3ubuntu2
7:4.4.1-3ubuntu3
7:4.4.1-3ubuntu5
7:4.4.2-0ubuntu0.22.04.1
7:4.4.2-0ubuntu0.22.04.1+esm1
7:4.4.2-0ubuntu0.22.04.1+esm2
7:4.4.2-0ubuntu0.22.04.1+esm3
7:4.4.2-0ubuntu0.22.04.1+esm4
7:4.4.2-0ubuntu0.22.04.1+esm5
7:4.4.2-0ubuntu0.22.04.1+esm6
7:4.4.2-0ubuntu0.22.04.1+esm7
7:4.4.2-0ubuntu0.22.04.1+esm8
Ecosystem specific
{
"binaries": [
{
"binary_name": "ffmpeg",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavcodec-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavcodec-extra",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavcodec-extra58",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavcodec58",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavdevice-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavdevice58",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavfilter-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavfilter-extra",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavfilter-extra7",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavfilter7",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavformat-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavformat-extra",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavformat-extra58",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavformat58",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavutil-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libavutil56",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libpostproc-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libpostproc55",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libswresample-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libswresample3",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libswscale-dev",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
},
{
"binary_name": "libswscale5",
"binary_version": "7:4.4.2-0ubuntu0.22.04.1+esm9"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Ubuntu:Pro:24.04:LTS / ffmpeg
Package
- Name
- ffmpeg
- Purl
- pkg:deb/ubuntu/ffmpeg@7:6.1.1-3ubuntu5+esm5?arch=source&distro=esm-apps/noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7:6.1.1-3ubuntu5+esm5
Affected versions
7:6.*
7:6.0-6ubuntu1
7:6.0-9ubuntu1
7:6.1-2ubuntu1
7:6.1-3ubuntu1
7:6.1-4ubuntu1
7:6.1-5ubuntu1
7:6.1.1-1ubuntu1
7:6.1.1-3ubuntu1
7:6.1.1-3ubuntu5
7:6.1.1-3ubuntu5+esm1
7:6.1.1-3ubuntu5+esm2
7:6.1.1-3ubuntu5+esm3
7:6.1.1-3ubuntu5+esm4
Ecosystem specific
{
"binaries": [
{
"binary_name": "ffmpeg",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavcodec-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavcodec-extra",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavcodec-extra60",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavcodec60",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavdevice-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavdevice60",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavfilter-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavfilter-extra",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavfilter-extra9",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavfilter9",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavformat-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavformat-extra",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavformat-extra60",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavformat60",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavutil-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libavutil58",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libpostproc-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libpostproc57",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libswresample-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libswresample4",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libswscale-dev",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
},
{
"binary_name": "libswscale7",
"binary_version": "7:6.1.1-3ubuntu5+esm5"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}