CVE-2017-9991

NameCVE-2017-9991
DescriptionHeap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ffmpeg (PTS)buster7:4.1.9-0+deb10u1fixed
buster (security)7:4.1.11-0+deb10u1fixed
bullseye (security), bullseye7:4.3.6-0+deb11u1fixed
bookworm, bookworm (security)7:5.1.4-0+deb12u1fixed
trixie7:6.1.1-1fixed
sid7:6.1.1-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ffmpegsource(unstable)7:3.2.5-1
libavsource(unstable)(not affected)

Notes

- libav <not-affected> (Vulnerable feature not present)
https://github.com/FFmpeg/FFmpeg/commit/441026fcb13ac23aa10edc312bdacb6445a0ad06
The error occurs in the support for 8bpp XWD images where bpp and image
depth are not checked thoroughly enough. Libav does not support 8bpp
images and bails out early -- Diego Biurrun (libav project)

Search for package or bug name: Reporting problems