Oval Definition:oval:com.ubuntu.xenial:def:201717081000
Revision Date:2017-11-30Version:1
Title:CVE-2017-17081 on Ubuntu 16.04 LTS (xenial) - low.
Description:The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-17081
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'chromium-browser' package in xenial is not affected (note: '65.0.3325.181-0ubuntu0.16.04.1').
  • OR The 'ffmpeg' package in xenial was vulnerable but has been fixed (note: '7:2.8.14-0ubuntu0.16.04.1').
  • OR The vulnerability of the 'gst-libav1.0' package in xenial is not known (status: 'needs-triage'). It is pending evaluation.
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'Ubuntu touch end-of-life').
  • OR NOT While related to the CVE in some way, the 'vlc' package in xenial is not affected (note: 'code not present').
  • BACK