The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.
Synthesis of the vulnerability
An attacker can force a read at an invalid address via block_cmp() of FFmpeg, in order to trigger a denial of service, or to obtain sensitive information.Vulnerable software: Ubuntu.Severity of this announce: 2/4.Creation date: 23/07/2020.Références of this computer vulnerability: CVE-2019-13312, USN-4431-1, VIGILANCE-VUL-32905.
Description of the vulnerability
An attacker can force a read at an invalid address via block_cmp() of FFmpeg, in order to trigger a denial of service, or to obtain sensitive information.Full bulletin, software filtering, emails, fixes, ... (Request your free trial)
This cybersecurity bulletin impacts software or systems such as Ubuntu.
Our Vigil@nce team determined that the severity of this cybersecurity weakness is medium.
The trust level is of type confirmed by the editor, with an origin of document.
An attacker with a expert ability can exploit this computer vulnerability bulletin.
Solutions for this threat
Ubuntu: new ffmpeg packages (23/07/2020).New packages are available: Ubuntu 20.04 LTS: ffmpeg 7:4.2.4-1ubuntu0.1 Ubuntu 18.04 LTS: ffmpeg 7:3.4.8-0ubuntu0.2 Ubuntu 16.04 LTS: ffmpeg 7:2.8.17-0ubuntu0.1Full bulletin, software filtering, emails, fixes, ... (Request your free t ..
Support the originator by clicking the read the rest link below.
