Detections
Analytics

SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2025:1128-1)

medium Nessus Plugin ID 233840

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1128-1 advisory.

 - CVE-2020-22037: Fixed unchecked return value of the init_vlc function (bsc#1186756)
 - CVE-2024-12361: Fixed null pointer dereference (bsc#1237358)
 - CVE-2024-35368: Fixed double free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c (bsc#1234028)
 - CVE-2024-36613: Fixed integer overflow in the DXA demuxer of the libavformat library (bsc#1235092)
 - CVE-2025-0518: Fixed memory leak due to unchecked sscanf return value (bsc#1236007)
 - CVE-2025-22919: Fixed denial of service (DoS) via opening a crafted AAC file (bsc#1237371)
 - CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c (bsc#1237382)
 - CVE-2025-25473: Fixed memory leak in avformat_free_context() (bsc#1237351)

 Other fixes:

 - Build with SVT-AV1 3.0.0.

 - Update to release 4.4.5:
 * Adjust bconds to build the package in SLFO without xvidcore.
 * Add 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (bsc#1229338)
 * Add ffmpeg-c99.patch so that the package conforms to the C99 standard and builds on i586 with GCC 14.
 * No longer build against libmfx; build against libvpl (bsc#1230983, bsc#1219494)
 * Drop libmfx dependency from our product (jira #PED-10024)
 * Update patch to build with glslang 14
 * Disable vmaf integration as ffmpeg-4 cannot handle vmaf>=3
 * Copy codec list from ffmpeg-6
 * Resolve build failure with binutils >= 2.41. (bsc#1215945)

 - Update to version 4.4.4:
 * avcodec/012v: Order operations for odd size handling
 * avcodec/alsdec: The minimal block is at least 7 bits
 * avcodec/bink:
 - Avoid undefined out of array end pointers in binkb_decode_plane()
 - Fix off by 1 error in ref end
 * avcodec/eac3dec: avoid float noise in fixed mode addition to overflow
 * avcodec/eatgq: : Check index increments in tgq_decode_block()
 * avcodec/escape124:
 - Fix signdness of end of input check
 - Fix some return codes
 * avcodec/ffv1dec:
 - Check that num h/v slices is supported
 - Fail earlier if prior context is corrupted
 - Restructure slice coordinate reading a bit
 * avcodec/mjpegenc: take into account component count when writing the SOF header size
 * avcodec/mlpdec: Check max matrix instead of max channel in noise check
 * avcodec/motionpixels: Mask pixels to valid values
 * avcodec/mpeg12dec: Check input size
 * avcodec/nvenc:
 - Fix b-frame DTS behavior with fractional framerates
 - Fix vbv buffer size in cq mode
 * avcodec/pictordec: Remove mid exit branch
 * avcodec/pngdec: Check deloco index more exactly
 * avcodec/rpzaenc: stop accessing out of bounds frame
 * avcodec/scpr3: Check bx
 * avcodec/scpr: Test bx before use
 * avcodec/snowenc: Fix visual weight calculation
 * avcodec/speedhq: Check buf_size to be big enough for DC
 * avcodec/sunrast: Fix maplength check
 * avcodec/tests/snowenc:
 - Fix 2nd test
 - Return a failure if DWT/IDWT mismatches
 - Unbreak DWT tests
 * avcodec/tiff: Ignore tile_count
 * avcodec/utils:
 - Allocate a line more for VC1 and WMV3
 - Ensure linesize for SVQ3
 - Use 32pixel alignment for bink
 * avcodec/videodsp_template: Adjust pointers to avoid undefined pointer things
 * avcodec/vp3: Add missing check for av_malloc
 * avcodec/wavpack:
 - Avoid undefined shift in get_tail()
 - Check for end of input in wv_unpack_dsd_high()
 * avcodec/xpmdec: Check size before allocation to avoid truncation
 * avfilter/vf_untile: swap the chroma shift values used for plane offsets
 * avformat/id3v2: Check taglen in read_uslt()
 * avformat/mov: Check samplesize and offset to avoid integer overflow
 * avformat/mxfdec: Use 64bit in remainder
 * avformat/nutdec: Add check for avformat_new_stream
 * avformat/replaygain: avoid undefined / negative abs
 * swscale/input: Use more unsigned intermediates
 * swscale/output: Bias 16bps output calculations to improve non overflowing range
 * swscale: aarch64: Fix yuv2rgb with negative stride
 * Use https for repository links

 - Update to version 4.4.3:
 * Stable bug fix release, mainly codecs, filter and format fixes.

 - Add patch to detect SDL2 >= 2.1.0 (bsc#1202848):

 - Update to version 4.4.2:
 * Stable bug fix release, mainly codecs, filter and format fixes.

 - Add conflicts for ffmpeg-5's tools
 - Enable Vulkan filters
 - Fix OS version check, so nvcodec is enabled for Leap too.
 - Disamble libsmbclient usage (can always be built with
 --with-smbclient): the usecase of ffmpeg directly accessing smb:// shares is quite constructed (most users will have their smb shares mounted).

 - Update to version 4.4.1:
 * Stable bug fix release, mainly codecs and format fixes.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1186756

https://www.suse.com/security/cve/CVE-2020-22037

https://bugzilla.suse.com/1219494

https://bugzilla.suse.com/1202848

https://bugzilla.suse.com/1215945

https://bugzilla.suse.com/1229338

https://bugzilla.suse.com/1234028

https://bugzilla.suse.com/1235092

https://bugzilla.suse.com/1236007

https://bugzilla.suse.com/1237351

https://bugzilla.suse.com/1237358

https://bugzilla.suse.com/1237371

https://bugzilla.suse.com/1237382

https://www.suse.com/security/cve/CVE-2024-12361

https://www.suse.com/security/cve/CVE-2024-35368

https://www.suse.com/security/cve/CVE-2024-36613

https://www.suse.com/security/cve/CVE-2025-0518

https://www.suse.com/security/cve/CVE-2025-22919

https://www.suse.com/security/cve/CVE-2025-22921

https://www.suse.com/security/cve/CVE-2025-25473

https://bugzilla.suse.com/1230983

https://lists.suse.com/pipermail/sle-updates/2025-April/038897.html

Plugin Details

Severity: Medium

ID: 233840

File Name: suse_SU-2025-1128-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 4/4/2025

Updated: 4/4/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2020-22037

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 4.8

Threat Score: 1.9

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

CVSS Score Source: CVE-2025-0518

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:libavutil56_70, p-cpe:/a:novell:suse_linux:libswresample3_9, p-cpe:/a:novell:suse_linux:libpostproc55_9, p-cpe:/a:novell:suse_linux:libavcodec58_134, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:libavformat58_76

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/3/2025

Vulnerability Publication Date: 6/1/2021

Reference Information

CVE: CVE-2020-22037, CVE-2024-12361, CVE-2024-35368, CVE-2024-36613, CVE-2025-0518, CVE-2025-22919, CVE-2025-22921, CVE-2025-25473

SuSE: SUSE-SU-2025:1128-1