rpms/ffmpeg
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

[security][CRITICAL] ffmpeg 8.0.1: 9 CVE require triage #1

New issue
Open
opened 2026-05-25 20:43:23 +03:00 by sbelikov · 0 comments
sbelikov commented 2026-05-25 20:43:23 +03:00
Owner
Copy link

CVE triage request / Запрос на разбор CVE

Package / Пакет

  • Package: ffmpeg
  • Version: 8.0.1
  • EVR: 8.0.1-1
  • Category: -
  • Policy class: -
  • NiceOS policy class: -
  • Owner: -
  • Severity: CRITICAL
  • Max CVSS: 9.8
  • CVE count: 9
  • Included NiceOS statuses: needs_triage
  • Included match types: cpe-exact, cpe-range

LLM recommendation / Рекомендация LLM

RU

Для пакета ffmpeg 8.0.1 найдены CVE-кандидаты по данным NVD/CPE: CVE-2023-51791, CVE-2023-51793, CVE-2023-51794, CVE-2023-51795, CVE-2023-51798, CVE-2026-30997, CVE-2026-30998, CVE-2026-30999, CVE-2026-40962. Требуется triage security-team.

Проверить применимость CVE к сборке НАЙС.ОС, сопоставить с upstream/vendor advisory, определить статус affected/fixed/not_affected и при необходимости подготовить обновление пакета.

Рекомендуемое действие: needs_triage

Подсказка по целевой версии: -

Проверки: Проверить сборку RPM, обновление пакета, совместимость зависимостей, service/CLI smoke tests и регрессионные сценарии по классу пакета.

Риски: Автоматическое совпадение NVD/CPE не является финальным вердиктом по НАЙС.ОС.

EN

NVD/CPE candidate CVEs were found for ffmpeg 8.0.1: CVE-2023-51791, CVE-2023-51793, CVE-2023-51794, CVE-2023-51795, CVE-2023-51798, CVE-2026-30997, CVE-2026-30998, CVE-2026-30999, CVE-2026-40962. Security-team triage is required.

Verify CVE applicability to the NiceOS build, compare with upstream/vendor advisories, set affected/fixed/not_affected status, and prepare a package update if required.

Recommended action: needs_triage

Target version hint: -

Tests: Run RPM build, package upgrade, dependency compatibility, service/CLI smoke tests, and package-class-specific regression tests.

Risks: An automatic NVD/CPE match is not the final NiceOS vulnerability verdict.

CVE candidates from NVD/CPE

CVE Severity CVSS Match Confidence NiceOS status Fixed in Existing issue Reason
CVE-2026-40962 CRITICAL 9.8 cpe-range 85 needs_triage package version is inside version range
CVE-2023-51795 HIGH 8.0 cpe-exact 85 needs_triage exact CPE version match: package 8.0.1 == CPE 8.0.1
CVE-2023-51791 HIGH 7.8 cpe-exact 85 needs_triage exact CPE version match: package 8.0.1 == CPE 8.0.1
CVE-2023-51793 HIGH 7.8 cpe-exact 85 needs_triage exact CPE version match: package 8.0.1 == CPE 8.0.1
CVE-2023-51794 HIGH 7.8 cpe-exact 85 needs_triage exact CPE version match: package 8.0.1 == CPE 8.0.1
CVE-2023-51798 HIGH 7.8 cpe-exact 85 needs_triage exact CPE version match: package 8.0.1 == CPE 8.0.1
CVE-2026-30997 HIGH 7.5 cpe-range 85 needs_triage package version is inside version range
CVE-2026-30998 HIGH 7.5 cpe-range 85 needs_triage package version is inside version range
CVE-2026-30999 HIGH 7.5 cpe-range 85 needs_triage package version is inside version range

Descriptions

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.

CVE-2023-51795

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame

CVE-2023-51791

Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.

CVE-2023-51793

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

CVE-2023-51794

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.

CVE-2023-51798

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.

CVE-2026-30997

An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2026-30998

An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.

CVE-2026-30999

A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Scanner integration / Интеграция со сканером

This issue was generated from niceos_cve_matches after the SPEC/Forgejo evidence pass.
After real creation, this script writes forgejo_issue_open rows into niceos_cve_evidence and marks the selected CVE rows as issue_open, so the next scanner/creator run does not duplicate the issue.

Maintainer checklist

  • Verify whether each CVE applies to the NiceOS build.
  • Compare NVD data with upstream/vendor advisory.
  • Set final NiceOS status: affected, fixed, not_affected, false_positive, deferred, or not_in_cloud_image.
  • If affected, decide update/backport strategy according to package policy class.
  • Run package-class-specific build, upgrade and regression tests.
  • Add/update niceos_cve_triage entry.
  • Create NICE-SA advisory if a security update is shipped.

Machine metadata

{
  "cves": [
    "CVE-2023-51791",
    "CVE-2023-51793",
    "CVE-2023-51794",
    "CVE-2023-51795",
    "CVE-2023-51798",
    "CVE-2026-30997",
    "CVE-2026-30998",
    "CVE-2026-30999",
    "CVE-2026-40962"
  ],
  "fingerprint": "e9298bb746ec4c0e2aca",
  "generated_at": "2026-05-25T17:43:22Z",
  "match_ids": [
    1234,
    1235,
    1236,
    1239,
    1240,
    1246,
    1247,
    1248,
    1249
  ],
  "match_types": [
    "cpe-exact",
    "cpe-range"
  ],
  "package": "ffmpeg",
  "prompt_version": "niceos_cve_issue_analysis_v2",
  "statuses": [
    "needs_triage"
  ],
  "tool": "niceos_cve_create_issues.py",
  "tool_version": "2.0",
  "version": "8.0.1"
}
<!-- niceos-cve-fingerprint: e9298bb746ec4c0e2aca --> <!-- niceos-cve-package: ffmpeg --> <!-- niceos-cve-cves: CVE-2023-51791, CVE-2023-51793, CVE-2023-51794, CVE-2023-51795, CVE-2023-51798, CVE-2026-30997, CVE-2026-30998, CVE-2026-30999, CVE-2026-40962 --> <!-- niceos-cve-source: niceos_cve_scan_packages_auto_cpe --> # CVE triage request / Запрос на разбор CVE ## Package / Пакет - Package: `ffmpeg` - Version: `8.0.1` - EVR: `8.0.1-1` - Category: `-` - Policy class: `-` - NiceOS policy class: `-` - Owner: `-` - Severity: `CRITICAL` - Max CVSS: `9.8` - CVE count: `9` - Included NiceOS statuses: `needs_triage` - Included match types: `cpe-exact, cpe-range` ## LLM recommendation / Рекомендация LLM ### RU Для пакета ffmpeg 8.0.1 найдены CVE-кандидаты по данным NVD/CPE: CVE-2023-51791, CVE-2023-51793, CVE-2023-51794, CVE-2023-51795, CVE-2023-51798, CVE-2026-30997, CVE-2026-30998, CVE-2026-30999, CVE-2026-40962. Требуется triage security-team. Проверить применимость CVE к сборке НАЙС.ОС, сопоставить с upstream/vendor advisory, определить статус affected/fixed/not_affected и при необходимости подготовить обновление пакета. **Рекомендуемое действие:** `needs_triage` **Подсказка по целевой версии:** `-` **Проверки:** Проверить сборку RPM, обновление пакета, совместимость зависимостей, service/CLI smoke tests и регрессионные сценарии по классу пакета. **Риски:** Автоматическое совпадение NVD/CPE не является финальным вердиктом по НАЙС.ОС. ### EN NVD/CPE candidate CVEs were found for ffmpeg 8.0.1: CVE-2023-51791, CVE-2023-51793, CVE-2023-51794, CVE-2023-51795, CVE-2023-51798, CVE-2026-30997, CVE-2026-30998, CVE-2026-30999, CVE-2026-40962. Security-team triage is required. Verify CVE applicability to the NiceOS build, compare with upstream/vendor advisories, set affected/fixed/not_affected status, and prepare a package update if required. **Recommended action:** `needs_triage` **Target version hint:** `-` **Tests:** Run RPM build, package upgrade, dependency compatibility, service/CLI smoke tests, and package-class-specific regression tests. **Risks:** An automatic NVD/CPE match is not the final NiceOS vulnerability verdict. ## CVE candidates from NVD/CPE | CVE | Severity | CVSS | Match | Confidence | NiceOS status | Fixed in | Existing issue | Reason | |---|---|---:|---|---:|---|---|---|---| | CVE-2026-40962 | CRITICAL | 9.8 | cpe-range | 85 | needs_triage | | | package version is inside version range | | CVE-2023-51795 | HIGH | 8.0 | cpe-exact | 85 | needs_triage | | | exact CPE version match: package 8.0.1 == CPE 8.0.1 | | CVE-2023-51791 | HIGH | 7.8 | cpe-exact | 85 | needs_triage | | | exact CPE version match: package 8.0.1 == CPE 8.0.1 | | CVE-2023-51793 | HIGH | 7.8 | cpe-exact | 85 | needs_triage | | | exact CPE version match: package 8.0.1 == CPE 8.0.1 | | CVE-2023-51794 | HIGH | 7.8 | cpe-exact | 85 | needs_triage | | | exact CPE version match: package 8.0.1 == CPE 8.0.1 | | CVE-2023-51798 | HIGH | 7.8 | cpe-exact | 85 | needs_triage | | | exact CPE version match: package 8.0.1 == CPE 8.0.1 | | CVE-2026-30997 | HIGH | 7.5 | cpe-range | 85 | needs_triage | | | package version is inside version range | | CVE-2026-30998 | HIGH | 7.5 | cpe-range | 85 | needs_triage | | | package version is inside version range | | CVE-2026-30999 | HIGH | 7.5 | cpe-range | 85 | needs_triage | | | package version is inside version range | ## Descriptions ### CVE-2026-40962 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c. ### CVE-2023-51795 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame ### CVE-2023-51791 Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map. ### CVE-2023-51793 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. ### CVE-2023-51794 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. ### CVE-2023-51798 Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. ### CVE-2026-30997 An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. ### CVE-2026-30998 An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file. ### CVE-2026-30999 A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. ## Scanner integration / Интеграция со сканером This issue was generated from `niceos_cve_matches` after the SPEC/Forgejo evidence pass. After real creation, this script writes `forgejo_issue_open` rows into `niceos_cve_evidence` and marks the selected CVE rows as `issue_open`, so the next scanner/creator run does not duplicate the issue. ## Maintainer checklist - [ ] Verify whether each CVE applies to the NiceOS build. - [ ] Compare NVD data with upstream/vendor advisory. - [ ] Set final NiceOS status: `affected`, `fixed`, `not_affected`, `false_positive`, `deferred`, or `not_in_cloud_image`. - [ ] If affected, decide update/backport strategy according to package policy class. - [ ] Run package-class-specific build, upgrade and regression tests. - [ ] Add/update `niceos_cve_triage` entry. - [ ] Create `NICE-SA` advisory if a security update is shipped. ## Machine metadata ```json { "cves": [ "CVE-2023-51791", "CVE-2023-51793", "CVE-2023-51794", "CVE-2023-51795", "CVE-2023-51798", "CVE-2026-30997", "CVE-2026-30998", "CVE-2026-30999", "CVE-2026-40962" ], "fingerprint": "e9298bb746ec4c0e2aca", "generated_at": "2026-05-25T17:43:22Z", "match_ids": [ 1234, 1235, 1236, 1239, 1240, 1246, 1247, 1248, 1249 ], "match_types": [ "cpe-exact", "cpe-range" ], "package": "ffmpeg", "prompt_version": "niceos_cve_issue_analysis_v2", "statuses": [ "needs_triage" ], "tool": "niceos_cve_create_issues.py", "tool_version": "2.0", "version": "8.0.1" } ```
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
niceos-5.2
No results found.
Labels
Clear labels   
auto-analysis
Created by niceos_cve_create_issues.py

  
cve
Created by niceos_cve_create_issues.py

  
match-cpe-exact
Created by niceos_cve_create_issues.py

  
match-cpe-range
Created by niceos_cve_create_issues.py

  
needs-triage
Created by niceos_cve_create_issues.py

  
security
Created by niceos_cve_create_issues.py

  
severity-critical
Created by niceos_cve_create_issues.py

  
source-niceos-scan
Created by niceos_cve_create_issues.py

  
source-nvd
Created by niceos_cve_create_issues.py

No labels
auto-analysis
cve
match-cpe-exact
match-cpe-range
needs-triage
security
severity-critical
source-niceos-scan
source-nvd
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
rpms/ffmpeg#1
No description provided.