CVE-2016-5199

NameCVE-2016-5199
DescriptionAn off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-3731-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ffmpeg (PTS)buster7:4.1.9-0+deb10u1fixed
buster (security)7:4.1.11-0+deb10u1fixed
bullseye (security), bullseye7:4.3.6-0+deb11u1fixed
bookworm, bookworm (security)7:5.1.4-0+deb12u1fixed
trixie7:6.1.1-1fixed
sid7:6.1.1-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
chromium-browsersourcewheezy(unfixed)end-of-life
chromium-browsersourcejessie55.0.2883.75-1~deb8u1DSA-3731-1
chromium-browsersource(unstable)44.0.2403.157-1
ffmpegsource(unstable)7:3.2-1
libavsourcejessie(not affected)
libavsource(unstable)(unfixed)

Notes

[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[jessie] - libav <not-affected> (Vulnerable code not present)
https://chromium-review.googlesource.com/383956
https://github.com/FFmpeg/FFmpeg/commit/347cb14b7cba7560e53f4434b419b9d8800253e7
Search for package or bug name: Reporting problems