Fix potential vulnerability in cloned code #295

manh-td · 2025-12-19T01:48:49Z

manh-td commented

2025-12-19 01:48:49 +00:00

This PR fixes a potential security vulnerability in mv_read_header that was cloned from FFmpeg/FFmpeg but did not receive the security patch.

Vulnerability Details:

Affected Function: mv_read_header in contrib/sdk/sources/ffmpeg/ffmpeg-2.1/libavformat/mvdec.c
Original Fix: 4f05e2e2dc

What this PR does: This PR applies the same security patch that was applied to the original repository to eliminate the potential vulnerability in the cloned code.

References:

Please review and merge this PR to ensure your repository is protected against this vulnerability.

This PR fixes a potential security vulnerability in `mv_read_header` that was cloned from `FFmpeg/FFmpeg` but did not receive the security patch. **Vulnerability Details:** * **Affected Function**: `mv_read_header` in `contrib/sdk/sources/ffmpeg/ffmpeg-2.1/libavformat/mvdec.c` * **Original Fix**: https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e **What this PR does:** This PR applies the same security patch that was applied to the original repository to eliminate the potential vulnerability in the cloned code. **References:** * https://github.com/FFmpeg/FFmpeg/commit/4f05e2e2dc1a89f38cd9f0960a6561083d714f1e * [CVE-2017-14055](https://nvd.nist.gov/vuln/detail/CVE-2017-14055) Please review and merge this PR to ensure your repository is protected against this vulnerability.

manh-td added 1 commit 2025-12-19 01:48:49 +00:00

Fix DoS due to lack of eof check

Build system / Check kernel codestyle (pull_request) Successful in 2m22s

Details

Build system / Build (pull_request) Successful in 36m9s

Details

f1b4023d99

manh-td referenced this pull request

2025-12-22 04:34:42 +00:00

Fix potential vulnerabilities in cloned code #300

mxlgv commented

2026-01-07 01:32:45 +00:00