Vulnerability Name:

CVE-2020-35965 (CCN-194329)

Assigned:2020-10-20
Published:2020-10-20
Updated:2021-11-05
Summary:decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
7.2 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
7.0 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:H/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-787
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-35965

Source: CCN
Type: Google Security Research Issue 26532
ffmpeg:ffmpeg_AV_CODEC_ID_EXR_fuzzer: Heap-buffer-overflow in decode_frame

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532

Source: XF
Type: UNKNOWN
ffmpeg-cve202035965-bo(194329)

Source: CCN
Type: FFMPEG Web site
FFMPEG

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/FFmpeg/FFmpeg/commit/b0a8b40294ea212c1938348ff112ef1b9bf16bb3

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210131 [SECURITY] [DLA 2537-1] ffmpeg security update

Source: GENTOO
Type: Third Party Advisory
GLSA-202105-24

Source: DEBIAN
Type: Third Party Advisory
DSA-4990

Vulnerable Configuration:Configuration 1:
  • cpe:/a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* (Version >= 4.3.1 and < 4.4)

  • Configuration 2:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ffmpeg:ffmpeg:4.3.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7921
    P
    libavcodec57-3.4.2-150200.11.28.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7445
    P
    axis-1.4-150200.13.6.4 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7488
    P
    ecryptfs-utils-111-2.31 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:95418
    P
    Security update for booth (Important)
    2022-08-01
    oval:org.opensuse.security:def:3302
    P
    minicom-2.7-3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3570
    P
    libXvnc1-1.6.0-22.7.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94810
    P
    python3-rsa-3.4.2-3.4.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94932
    P
    libavcodec57-3.4.2-11.17.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95200
    P
    libavcodec-devel-3.4.2-11.17.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:68534
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:74387
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:5870
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:111762
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:102997
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:65319
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:10663
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:117703
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:109663
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:1043
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:101523
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:68577
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:76027
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:6210
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:108189
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:101734
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:66959
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:10700
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:118334
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:4165
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:1487
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:102131
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:70803
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:76367
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:108797
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:102067
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:95870
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:67299
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:74322
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:119803
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:4230
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:1785
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:102583
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:70840
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:65254
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:109249
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:102337
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:96325
    P
    Security update for ffmpeg (Moderate)
    2021-10-26
    BACK
    ffmpeg ffmpeg *
    debian debian linux 9.0
    debian debian linux 10.0
    ffmpeg ffmpeg 4.3.1