Launchpad CVE tracker

CVE 2016-6164

Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.

Related bugs and status

CVE-2016-6164 (Candidate) is related to these bugs:

Bug #1581156: Update to bugfix release 2.8.8 in Xenial

Summary				In	Importance	Status
	1581156	Update to bugfix release 2.8.8 in Xenial		ffmpeg (Ubuntu)	High	Fix Released
	1581156	Update to bugfix release 2.8.8 in Xenial		One Hundred Papercuts	High	Fix Released

Bug #1635443: Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1635443	Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)		ffmpeg (Ubuntu)	Wishlist	Fix Released

Bug #1648265: FFmpeg security fixes December 2016 (yakkety)

Summary				In	Importance	Status
	1648265	FFmpeg security fixes December 2016 (yakkety)		ffmpeg (Ubuntu Yakkety)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-6164

References