Advisories » MGASA-2025-0057

Updated ffmpeg packages fix security vulnerability

Publication date: 12 Feb 2025
Modification date: 12 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-49528

Description

A buffer overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5,
allows a local attacker to execute arbitrary code and cause a denial of
service (DoS) via af_dialoguenhance.c:261:5 in the de_stereo
component. (CVE-2023-49528)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33430
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3BMDGSJN6WOKM5DG6WR4ITFVPI77UHH/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49528

SRPMS

9/core

• ffmpeg-5.1.6-1.1.mga9

9/tainted

• ffmpeg-5.1.6-1.1.mga9.tainted