Security update for ffmpeg-4 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02972-1 Final 1 1 2025-08-25T08:46:43Z current 2025-08-25T08:46:43Z 2025-08-25T08:46:43Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ffmpeg-4 This update for ffmpeg-4 fixes the following issues: - CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX (bsc#1234020). - CVE-2025-7700: Fixed potential NULL pointer dereference (bsc#1246790). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2972,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2972,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2972,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2972,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2972 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502972-1/ Link for SUSE-SU-2025:02972-1 https://lists.suse.com/pipermail/sle-updates/2025-August/041348.html E-Mail link for SUSE-SU-2025:02972-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1234018 SUSE Bug 1234018 https://bugzilla.suse.com/1234019 SUSE Bug 1234019 https://bugzilla.suse.com/1234020 SUSE Bug 1234020 https://bugzilla.suse.com/1245313 SUSE Bug 1245313 https://bugzilla.suse.com/1246790 SUSE Bug 1246790 https://www.suse.com/security/cve/CVE-2024-36618/ SUSE CVE CVE-2024-36618 page https://www.suse.com/security/cve/CVE-2025-7700/ SUSE CVE CVE-2025-7700 page SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 ffmpeg-4-4.4.6-150400.3.52.1 ffmpeg-4-libavcodec-devel-4.4.6-150400.3.52.1 ffmpeg-4-libavdevice-devel-4.4.6-150400.3.52.1 ffmpeg-4-libavfilter-devel-4.4.6-150400.3.52.1 ffmpeg-4-libavformat-devel-4.4.6-150400.3.52.1 ffmpeg-4-libavresample-devel-4.4.6-150400.3.52.1 ffmpeg-4-libavutil-devel-4.4.6-150400.3.52.1 ffmpeg-4-libpostproc-devel-4.4.6-150400.3.52.1 ffmpeg-4-libswresample-devel-4.4.6-150400.3.52.1 ffmpeg-4-libswscale-devel-4.4.6-150400.3.52.1 ffmpeg-4-private-devel-4.4.6-150400.3.52.1 libavcodec58_134-4.4.6-150400.3.52.1 libavcodec58_134-32bit-4.4.6-150400.3.52.1 libavcodec58_134-64bit-4.4.6-150400.3.52.1 libavdevice58_13-4.4.6-150400.3.52.1 libavdevice58_13-32bit-4.4.6-150400.3.52.1 libavdevice58_13-64bit-4.4.6-150400.3.52.1 libavfilter7_110-4.4.6-150400.3.52.1 libavfilter7_110-32bit-4.4.6-150400.3.52.1 libavfilter7_110-64bit-4.4.6-150400.3.52.1 libavformat58_76-4.4.6-150400.3.52.1 libavformat58_76-32bit-4.4.6-150400.3.52.1 libavformat58_76-64bit-4.4.6-150400.3.52.1 libavresample4_0-4.4.6-150400.3.52.1 libavresample4_0-32bit-4.4.6-150400.3.52.1 libavresample4_0-64bit-4.4.6-150400.3.52.1 libavutil56_70-4.4.6-150400.3.52.1 libavutil56_70-32bit-4.4.6-150400.3.52.1 libavutil56_70-64bit-4.4.6-150400.3.52.1 libpostproc55_9-4.4.6-150400.3.52.1 libpostproc55_9-32bit-4.4.6-150400.3.52.1 libpostproc55_9-64bit-4.4.6-150400.3.52.1 libswresample3_9-4.4.6-150400.3.52.1 libswresample3_9-32bit-4.4.6-150400.3.52.1 libswresample3_9-64bit-4.4.6-150400.3.52.1 libswscale5_9-4.4.6-150400.3.52.1 libswscale5_9-32bit-4.4.6-150400.3.52.1 libswscale5_9-64bit-4.4.6-150400.3.52.1 libavcodec58_134-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavformat58_76-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavutil56_70-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libpostproc55_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libswresample3_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libswscale5_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavcodec58_134-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavformat58_76-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavutil56_70-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libpostproc55_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libswresample3_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libswscale5_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavcodec58_134-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavformat58_76-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavutil56_70-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libpostproc55_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libswresample3_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libswscale5_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavcodec58_134-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libavformat58_76-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libavutil56_70-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libpostproc55_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libswresample3_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libswscale5_9-4.4.6-150400.3.52.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition. CVE-2024-36618 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswscale5_9-4.4.6-150400.3.52.1 moderate 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502972-1/ https://www.suse.com/security/cve/CVE-2024-36618.html CVE-2024-36618 https://bugzilla.suse.com/1234020 SUSE Bug 1234020 unknown CVE-2025-7700 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswscale5_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.6-150400.3.52.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswscale5_9-4.4.6-150400.3.52.1 moderate 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502972-1/ https://www.suse.com/security/cve/CVE-2025-7700.html CVE-2025-7700 https://bugzilla.suse.com/1246790 SUSE Bug 1246790