openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:1450-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2025.1450.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:1450-1)

Resumen: The remote host is missing an update for the 'ffmpeg' package(s) announced via the SUSE-SU-2025:1450-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ffmpeg' package(s) announced via the SUSE-SU-2025:1450-1 advisory.

Vulnerability Insight:
This update for ffmpeg fixes the following issues:

- CVE-2025-22921: Clear array length when freeing it. (bsc#1237382)
- CVE-2025-0518: Fix memory data leak when use sscanf(). (bsc#1236007)
- CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate >= 0. (bsc#1237371)
- CVE-2024-12361: Add check for av_packet_new_side_data() to avoid null pointer dereference if allocation fails. (bsc#1237358)
- CVE-2024-36613: Adjust order of operations around block align. (bsc#1235092)
- CVE-2024-35365: Fix double-free on error. (bsc#1235091)
- CVE-2024-35368: Fix double-free on the AVFrame is unreferenced. (bsc#1234028)
- CVE-2023-51793: Fix out of array access. (bsc#1223272).
- CVE-2023-51793: Fixed a heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272).

Affected Software/OS:
'ffmpeg' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-51793
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
https://ffmpeg.org/
https://trac.ffmpeg.org/ticket/10743
Common Vulnerability Exposure (CVE) ID: CVE-2024-12361
Common Vulnerability Exposure (CVE) ID: CVE-2024-35365
Common Vulnerability Exposure (CVE) ID: CVE-2024-35368
Common Vulnerability Exposure (CVE) ID: CVE-2024-36613
Common Vulnerability Exposure (CVE) ID: CVE-2025-0518
Common Vulnerability Exposure (CVE) ID: CVE-2025-22919
Common Vulnerability Exposure (CVE) ID: CVE-2025-22921

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2025.1450.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:1450-1)
Resumen:	The remote host is missing an update for the 'ffmpeg' package(s) announced via the SUSE-SU-2025:1450-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ffmpeg' package(s) announced via the SUSE-SU-2025:1450-1 advisory. Vulnerability Insight: This update for ffmpeg fixes the following issues: - CVE-2025-22921: Clear array length when freeing it. (bsc#1237382) - CVE-2025-0518: Fix memory data leak when use sscanf(). (bsc#1236007) - CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate >= 0. (bsc#1237371) - CVE-2024-12361: Add check for av_packet_new_side_data() to avoid null pointer dereference if allocation fails. (bsc#1237358) - CVE-2024-36613: Adjust order of operations around block align. (bsc#1235092) - CVE-2024-35365: Fix double-free on error. (bsc#1235091) - CVE-2024-35368: Fix double-free on the AVFrame is unreferenced. (bsc#1234028) - CVE-2023-51793: Fix out of array access. (bsc#1223272). - CVE-2023-51793: Fixed a heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272). Affected Software/OS: 'ffmpeg' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-51793 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ https://ffmpeg.org/ https://trac.ffmpeg.org/ticket/10743 Common Vulnerability Exposure (CVE) ID: CVE-2024-12361 Common Vulnerability Exposure (CVE) ID: CVE-2024-35365 Common Vulnerability Exposure (CVE) ID: CVE-2024-35368 Common Vulnerability Exposure (CVE) ID: CVE-2024-36613 Common Vulnerability Exposure (CVE) ID: CVE-2025-0518 Common Vulnerability Exposure (CVE) ID: CVE-2025-22919 Common Vulnerability Exposure (CVE) ID: CVE-2025-22921
Copyright	Copyright (C) 2025 Greenbone AG