Ubuntu Security Notices
USN-6983-1

USN-6983-1: FFmpeg vulnerability

Publication date

2 September 2024

Overview

FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.

Releases

24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS

Packages

ffmpeg - Tools for transcoding, streaming and playing of multimedia files

Details

Zeng Yunxiang discovered that FFmpeg incorrectly handled memory during
video encoding. An attacker could possibly use this issue to perform a
denial of service, or execute arbitrary code.

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release	Package Version
24.04 noble	ffmpeg – 7:6.1.1-3ubuntu5+esm2
	libavcodec-dev – 7:6.1.1-3ubuntu5+esm2
	libavcodec-extra60 – 7:6.1.1-3ubuntu5+esm2
	libavcodec60 – 7:6.1.1-3ubuntu5+esm2
	libavdevice60 – 7:6.1.1-3ubuntu5+esm2
	libavfilter-extra9 – 7:6.1.1-3ubuntu5+esm2
	libavfilter9 – 7:6.1.1-3ubuntu5+esm2
	libavformat-extra60 – 7:6.1.1-3ubuntu5+esm2
	libavformat60 – 7:6.1.1-3ubuntu5+esm2
	libavutil58 – 7:6.1.1-3ubuntu5+esm2
	libpostproc57 – 7:6.1.1-3ubuntu5+esm2
	libswresample4 – 7:6.1.1-3ubuntu5+esm2
	libswscale7 – 7:6.1.1-3ubuntu5+esm2
22.04 jammy	ffmpeg – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavcodec-dev – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavcodec-extra58 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavcodec58 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavdevice58 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavfilter-extra7 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavfilter7 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavformat-extra58 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavformat58 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libavutil56 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libpostproc55 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libswresample3 – 7:4.4.2-0ubuntu0.22.04.1+esm5
	libswscale5 – 7:4.4.2-0ubuntu0.22.04.1+esm5
20.04 focal	ffmpeg – 7:4.2.7-0ubuntu0.1+esm6
	libavcodec-dev – 7:4.2.7-0ubuntu0.1+esm6
	libavcodec-extra58 – 7:4.2.7-0ubuntu0.1+esm6
	libavcodec58 – 7:4.2.7-0ubuntu0.1+esm6
	libavdevice58 – 7:4.2.7-0ubuntu0.1+esm6
	libavfilter-extra7 – 7:4.2.7-0ubuntu0.1+esm6
	libavfilter7 – 7:4.2.7-0ubuntu0.1+esm6
	libavformat58 – 7:4.2.7-0ubuntu0.1+esm6
	libavresample4 – 7:4.2.7-0ubuntu0.1+esm6
	libavutil56 – 7:4.2.7-0ubuntu0.1+esm6
	libpostproc55 – 7:4.2.7-0ubuntu0.1+esm6
	libswresample3 – 7:4.2.7-0ubuntu0.1+esm6
	libswscale5 – 7:4.2.7-0ubuntu0.1+esm6
18.04 bionic	ffmpeg – 7:3.4.11-0ubuntu0.1+esm6
	libavcodec-dev – 7:3.4.11-0ubuntu0.1+esm6
	libavcodec-extra57 – 7:3.4.11-0ubuntu0.1+esm6
	libavcodec57 – 7:3.4.11-0ubuntu0.1+esm6
	libavdevice57 – 7:3.4.11-0ubuntu0.1+esm6
	libavfilter-extra6 – 7:3.4.11-0ubuntu0.1+esm6
	libavfilter6 – 7:3.4.11-0ubuntu0.1+esm6
	libavformat57 – 7:3.4.11-0ubuntu0.1+esm6
	libavresample3 – 7:3.4.11-0ubuntu0.1+esm6
	libavutil55 – 7:3.4.11-0ubuntu0.1+esm6
	libpostproc54 – 7:3.4.11-0ubuntu0.1+esm6
	libswresample2 – 7:3.4.11-0ubuntu0.1+esm6
	libswscale4 – 7:3.4.11-0ubuntu0.1+esm6
16.04 xenial	ffmpeg – 7:2.8.17-0ubuntu0.1+esm8
	libav-tools – 7:2.8.17-0ubuntu0.1+esm8
	libavcodec-dev – 7:2.8.17-0ubuntu0.1+esm8
	libavcodec-ffmpeg-extra56 – 7:2.8.17-0ubuntu0.1+esm8
	libavcodec-ffmpeg56 – 7:2.8.17-0ubuntu0.1+esm8
	libavdevice-ffmpeg56 – 7:2.8.17-0ubuntu0.1+esm8
	libavfilter-ffmpeg5 – 7:2.8.17-0ubuntu0.1+esm8
	libavformat-ffmpeg56 – 7:2.8.17-0ubuntu0.1+esm8
	libavresample-ffmpeg2 – 7:2.8.17-0ubuntu0.1+esm8
	libavutil-ffmpeg54 – 7:2.8.17-0ubuntu0.1+esm8
	libpostproc-ffmpeg53 – 7:2.8.17-0ubuntu0.1+esm8
	libswresample-ffmpeg1 – 7:2.8.17-0ubuntu0.1+esm8
	libswscale-ffmpeg3 – 7:2.8.17-0ubuntu0.1+esm8

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

CVE-2024-32230

CVE-2024-32230