Vulnerability Description
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libav | Libav | 13_dev0 |
| Ffmpeg | Ffmpeg | 3.4 |
| Chrome | <= 56.0.2924 |
Related Weaknesses (CWE)
References
- https://bugzilla.libav.org/show_bug.cgi?id=952ExploitIssue TrackingThird Party Advisory
- https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/8e313ca08800178eIssue TrackingPatch
- https://lists.debian.org/debian-lts-announce/2019/03/msg00041.html
- https://lists.ffmpeg.org/pipermail/ffmpeg-cvslog/2017-January/104221.htmlIssue TrackingPatch
- https://bugzilla.libav.org/show_bug.cgi?id=952ExploitIssue TrackingThird Party Advisory
- https://chromium.googlesource.com/chromium/third_party/ffmpeg/+/8e313ca08800178eIssue TrackingPatch
- https://lists.debian.org/debian-lts-announce/2019/03/msg00041.html
- https://lists.ffmpeg.org/pipermail/ffmpeg-cvslog/2017-January/104221.htmlIssue TrackingPatch
FAQ
What is CVE-2017-1000460?
CVE-2017-1000460 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized ge...
How severe is CVE-2017-1000460?
CVE-2017-1000460 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1000460?
Check the references section above for vendor advisories and patch information. Affected products include: Libav Libav, Ffmpeg Ffmpeg, Google Chrome.