CVE Vulnerabilities

CVE-2019-11338

NULL Pointer Dereference

Published: Apr 19, 2019 | Modified: Nov 21, 2024
CVSS 3.x: 8.8 HIGH
Source: NVD
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x: 6.8 MEDIUM
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu: LOW

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ffmpeg | Ffmpeg | 3.4 (including) | 3.4 (including) |
| Ffmpeg | Ffmpeg | 4.1.2 (including) | 4.1.2 (including) |
| Ffmpeg | Ubuntu | bionic | * |
| Ffmpeg | Ubuntu | cosmic | * |
| Ffmpeg | Ubuntu | disco | * |
| Ffmpeg | Ubuntu | esm-apps/bionic | * |
| Ffmpeg | Ubuntu | esm-apps/xenial | * |
| Ffmpeg | Ubuntu | xenial | * |

Potential Mitigations

References