Wednesday, May 28, 2025

[USN-7538-1] FFmpeg vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7538-1
May 28, 2025

ffmpeg vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in FFmpeg.

Software Description:
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

Simcha Kosman discovered that FFmpeg did not correctly handle certain
return values. An attacker could possibly use this issue to leak
sensitive information. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS
and Ubuntu 24.10. (CVE-2025-0518)

It was discovered that FFmpeg did not correctly handle certain memory
operations. A remote attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. This issue only affected
Ubuntu 24.10. (CVE-2025-1816)

It was discovered that FFmpeg contained a reachable assertion, which
could lead to a failure when processing certain AAC files. If a user or
automated system were tricked into opening a specially crafted AAC file,
an attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2025-22919)

It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-22921)

It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 24.10 and Ubuntu 25.04. (CVE-2025-25473)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
ffmpeg 7:7.1.1-1ubuntu1.1
libavcodec-extra61 7:7.1.1-1ubuntu1.1
libavcodec61 7:7.1.1-1ubuntu1.1
libavdevice61 7:7.1.1-1ubuntu1.1
libavfilter-extra10 7:7.1.1-1ubuntu1.1
libavfilter10 7:7.1.1-1ubuntu1.1
libavformat-extra61 7:7.1.1-1ubuntu1.1
libavformat61 7:7.1.1-1ubuntu1.1
libavutil59 7:7.1.1-1ubuntu1.1
libpostproc58 7:7.1.1-1ubuntu1.1
libswresample5 7:7.1.1-1ubuntu1.1
libswscale8 7:7.1.1-1ubuntu1.1

Ubuntu 24.10
ffmpeg 7:7.0.2-3ubuntu1.1
libavcodec-extra61 7:7.0.2-3ubuntu1.1
libavcodec61 7:7.0.2-3ubuntu1.1
libavdevice61 7:7.0.2-3ubuntu1.1
libavfilter-extra10 7:7.0.2-3ubuntu1.1
libavfilter10 7:7.0.2-3ubuntu1.1
libavformat-extra61 7:7.0.2-3ubuntu1.1
libavformat61 7:7.0.2-3ubuntu1.1
libavutil59 7:7.0.2-3ubuntu1.1
libpostproc58 7:7.0.2-3ubuntu1.1
libswresample5 7:7.0.2-3ubuntu1.1
libswscale8 7:7.0.2-3ubuntu1.1

Ubuntu 24.04 LTS
ffmpeg 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavcodec-extra60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavcodec60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavdevice60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavfilter-extra9 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavfilter9 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavformat-extra60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavformat60 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libavutil58 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libpostproc57 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libswresample4 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro
libswscale7 7:6.1.1-3ubuntu5+esm3
Available with Ubuntu Pro

Ubuntu 22.04 LTS
ffmpeg 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavcodec-extra58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavcodec58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavdevice58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavfilter-extra7 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavfilter7 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavformat-extra58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavformat58 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libavutil56 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libpostproc55 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libswresample3 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro
libswscale5 7:4.4.2-0ubuntu0.22.04.1+esm7
Available with Ubuntu Pro

Ubuntu 20.04 LTS
ffmpeg 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec-extra58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavdevice58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter-extra7 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter7 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavformat58 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavresample4 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavutil56 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libpostproc55 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswresample3 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswscale5 7:4.2.7-0ubuntu0.1+esm8
Available with Ubuntu Pro

Ubuntu 18.04 LTS
ffmpeg 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec-extra57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavcodec57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavdevice57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter-extra6 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavfilter6 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavformat57 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavresample3 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libavutil55 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libpostproc54 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswresample2 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro
libswscale4 7:3.4.11-0ubuntu0.1+esm8
Available with Ubuntu Pro

Ubuntu 16.04 LTS
ffmpeg 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libav-tools 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavcodec-ffmpeg-extra56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavcodec-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavdevice-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavfilter-ffmpeg5 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavformat-ffmpeg56 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavresample-ffmpeg2 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libavutil-ffmpeg54 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libpostproc-ffmpeg53 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libswresample-ffmpeg1 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro
libswscale-ffmpeg3 7:2.8.17-0ubuntu0.1+esm10
Available with Ubuntu Pro

After a standard system update you need to restart FFmpeg to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7538-1
CVE-2025-0518, CVE-2025-1816, CVE-2025-22919, CVE-2025-22921,
CVE-2025-25473

Package Information:
https://launchpad.net/ubuntu/+source/ffmpeg/7:7.1.1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/ffmpeg/7:7.0.2-3ubuntu1.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)