Launchpad CVE tracker

CVE 2016-6881

The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.

Related bugs and status

CVE-2016-6881 (Candidate) is related to these bugs:

Bug #1581156: Update to bugfix release 2.8.8 in Xenial

Summary				In	Importance	Status
	1581156	Update to bugfix release 2.8.8 in Xenial		ffmpeg (Ubuntu)	High	Fix Released
	1581156	Update to bugfix release 2.8.8 in Xenial		One Hundred Papercuts	High	Fix Released

Bug #1635443: Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1635443	Sync ffmpeg 7:3.1.5-1 (universe) from Debian unstable (main)		ffmpeg (Ubuntu)	Wishlist	Fix Released

Bug #1648265: FFmpeg security fixes December 2016 (yakkety)

Summary				In	Importance	Status
	1648265	FFmpeg security fixes December 2016 (yakkety)		ffmpeg (Ubuntu Yakkety)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-6881

References