Security update for ffmpeg-4 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:1128-1 Final 1 1 2025-04-03T11:54:05Z current 2025-04-03T11:54:05Z 2025-04-03T11:54:05Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for ffmpeg-4 This update for ffmpeg-4 fixes the following issues: - CVE-2020-22037: Fixed unchecked return value of the init_vlc function (bsc#1186756) - CVE-2024-12361: Fixed null pointer dereference (bsc#1237358) - CVE-2024-35368: Fixed double free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c (bsc#1234028) - CVE-2024-36613: Fixed integer overflow in the DXA demuxer of the libavformat library (bsc#1235092) - CVE-2025-0518: Fixed memory leak due to unchecked sscanf return value (bsc#1236007) - CVE-2025-22919: Fixed denial of service (DoS) via opening a crafted AAC file (bsc#1237371) - CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c (bsc#1237382) - CVE-2025-25473: Fixed memory leak in avformat_free_context() (bsc#1237351) Other fixes: - Build with SVT-AV1 3.0.0. - Update to release 4.4.5: * Adjust bconds to build the package in SLFO without xvidcore. * Add 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (bsc#1229338) * Add ffmpeg-c99.patch so that the package conforms to the C99 standard and builds on i586 with GCC 14. * No longer build against libmfx; build against libvpl (bsc#1230983, bsc#1219494) * Drop libmfx dependency from our product (jira #PED-10024) * Update patch to build with glslang 14 * Disable vmaf integration as ffmpeg-4 cannot handle vmaf>=3 * Copy codec list from ffmpeg-6 * Resolve build failure with binutils >= 2.41. (bsc#1215945) - Update to version 4.4.4: * avcodec/012v: Order operations for odd size handling * avcodec/alsdec: The minimal block is at least 7 bits * avcodec/bink: - Avoid undefined out of array end pointers in binkb_decode_plane() - Fix off by 1 error in ref end * avcodec/eac3dec: avoid float noise in fixed mode addition to overflow * avcodec/eatgq: : Check index increments in tgq_decode_block() * avcodec/escape124: - Fix signdness of end of input check - Fix some return codes * avcodec/ffv1dec: - Check that num h/v slices is supported - Fail earlier if prior context is corrupted - Restructure slice coordinate reading a bit * avcodec/mjpegenc: take into account component count when writing the SOF header size * avcodec/mlpdec: Check max matrix instead of max channel in noise check * avcodec/motionpixels: Mask pixels to valid values * avcodec/mpeg12dec: Check input size * avcodec/nvenc: - Fix b-frame DTS behavior with fractional framerates - Fix vbv buffer size in cq mode * avcodec/pictordec: Remove mid exit branch * avcodec/pngdec: Check deloco index more exactly * avcodec/rpzaenc: stop accessing out of bounds frame * avcodec/scpr3: Check bx * avcodec/scpr: Test bx before use * avcodec/snowenc: Fix visual weight calculation * avcodec/speedhq: Check buf_size to be big enough for DC * avcodec/sunrast: Fix maplength check * avcodec/tests/snowenc: - Fix 2nd test - Return a failure if DWT/IDWT mismatches - Unbreak DWT tests * avcodec/tiff: Ignore tile_count * avcodec/utils: - Allocate a line more for VC1 and WMV3 - Ensure linesize for SVQ3 - Use 32pixel alignment for bink * avcodec/videodsp_template: Adjust pointers to avoid undefined pointer things * avcodec/vp3: Add missing check for av_malloc * avcodec/wavpack: - Avoid undefined shift in get_tail() - Check for end of input in wv_unpack_dsd_high() * avcodec/xpmdec: Check size before allocation to avoid truncation * avfilter/vf_untile: swap the chroma shift values used for plane offsets * avformat/id3v2: Check taglen in read_uslt() * avformat/mov: Check samplesize and offset to avoid integer overflow * avformat/mxfdec: Use 64bit in remainder * avformat/nutdec: Add check for avformat_new_stream * avformat/replaygain: avoid undefined / negative abs * swscale/input: Use more unsigned intermediates * swscale/output: Bias 16bps output calculations to improve non overflowing range * swscale: aarch64: Fix yuv2rgb with negative stride * Use https for repository links - Update to version 4.4.3: * Stable bug fix release, mainly codecs, filter and format fixes. - Add patch to detect SDL2 >= 2.1.0 (bsc#1202848): - Update to version 4.4.2: * Stable bug fix release, mainly codecs, filter and format fixes. - Add conflicts for ffmpeg-5's tools - Enable Vulkan filters - Fix OS version check, so nvcodec is enabled for Leap too. - Disamble libsmbclient usage (can always be built with --with-smbclient): the usecase of ffmpeg directly accessing smb:// shares is quite constructed (most users will have their smb shares mounted). - Update to version 4.4.1: * Stable bug fix release, mainly codecs and format fixes. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1128,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1128,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1128,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1128,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1128 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ Link for SUSE-SU-2025:1128-1 https://lists.suse.com/pipermail/sle-updates/2025-April/038897.html E-Mail link for SUSE-SU-2025:1128-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1186756 SUSE Bug 1186756 https://bugzilla.suse.com/1202848 SUSE Bug 1202848 https://bugzilla.suse.com/1215945 SUSE Bug 1215945 https://bugzilla.suse.com/1219494 SUSE Bug 1219494 https://bugzilla.suse.com/1229338 SUSE Bug 1229338 https://bugzilla.suse.com/1230983 SUSE Bug 1230983 https://bugzilla.suse.com/1234028 SUSE Bug 1234028 https://bugzilla.suse.com/1235092 SUSE Bug 1235092 https://bugzilla.suse.com/1236007 SUSE Bug 1236007 https://bugzilla.suse.com/1237351 SUSE Bug 1237351 https://bugzilla.suse.com/1237358 SUSE Bug 1237358 https://bugzilla.suse.com/1237371 SUSE Bug 1237371 https://bugzilla.suse.com/1237382 SUSE Bug 1237382 https://www.suse.com/security/cve/CVE-2020-22037/ SUSE CVE CVE-2020-22037 page https://www.suse.com/security/cve/CVE-2024-12361/ SUSE CVE CVE-2024-12361 page https://www.suse.com/security/cve/CVE-2024-35368/ SUSE CVE CVE-2024-35368 page https://www.suse.com/security/cve/CVE-2024-36613/ SUSE CVE CVE-2024-36613 page https://www.suse.com/security/cve/CVE-2025-0518/ SUSE CVE CVE-2025-0518 page https://www.suse.com/security/cve/CVE-2025-22919/ SUSE CVE CVE-2025-22919 page https://www.suse.com/security/cve/CVE-2025-22921/ SUSE CVE CVE-2025-22921 page https://www.suse.com/security/cve/CVE-2025-25473/ SUSE CVE CVE-2025-25473 page SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 ffmpeg-4-4.4.5-150400.3.46.1 ffmpeg-4-libavcodec-devel-4.4.5-150400.3.46.1 ffmpeg-4-libavdevice-devel-4.4.5-150400.3.46.1 ffmpeg-4-libavfilter-devel-4.4.5-150400.3.46.1 ffmpeg-4-libavformat-devel-4.4.5-150400.3.46.1 ffmpeg-4-libavresample-devel-4.4.5-150400.3.46.1 ffmpeg-4-libavutil-devel-4.4.5-150400.3.46.1 ffmpeg-4-libpostproc-devel-4.4.5-150400.3.46.1 ffmpeg-4-libswresample-devel-4.4.5-150400.3.46.1 ffmpeg-4-libswscale-devel-4.4.5-150400.3.46.1 ffmpeg-4-private-devel-4.4.5-150400.3.46.1 libavcodec58_134-4.4.5-150400.3.46.1 libavcodec58_134-32bit-4.4.5-150400.3.46.1 libavcodec58_134-64bit-4.4.5-150400.3.46.1 libavdevice58_13-4.4.5-150400.3.46.1 libavdevice58_13-32bit-4.4.5-150400.3.46.1 libavdevice58_13-64bit-4.4.5-150400.3.46.1 libavfilter7_110-4.4.5-150400.3.46.1 libavfilter7_110-32bit-4.4.5-150400.3.46.1 libavfilter7_110-64bit-4.4.5-150400.3.46.1 libavformat58_76-4.4.5-150400.3.46.1 libavformat58_76-32bit-4.4.5-150400.3.46.1 libavformat58_76-64bit-4.4.5-150400.3.46.1 libavresample4_0-4.4.5-150400.3.46.1 libavresample4_0-32bit-4.4.5-150400.3.46.1 libavresample4_0-64bit-4.4.5-150400.3.46.1 libavutil56_70-4.4.5-150400.3.46.1 libavutil56_70-32bit-4.4.5-150400.3.46.1 libavutil56_70-64bit-4.4.5-150400.3.46.1 libpostproc55_9-4.4.5-150400.3.46.1 libpostproc55_9-32bit-4.4.5-150400.3.46.1 libpostproc55_9-64bit-4.4.5-150400.3.46.1 libswresample3_9-4.4.5-150400.3.46.1 libswresample3_9-32bit-4.4.5-150400.3.46.1 libswresample3_9-64bit-4.4.5-150400.3.46.1 libswscale5_9-4.4.5-150400.3.46.1 libswscale5_9-32bit-4.4.5-150400.3.46.1 libswscale5_9-64bit-4.4.5-150400.3.46.1 libavcodec58_134-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavformat58_76-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavutil56_70-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libpostproc55_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libswresample3_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS libavcodec58_134-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavformat58_76-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavutil56_70-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libpostproc55_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libswresample3_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS libavcodec58_134-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavformat58_76-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavutil56_70-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libpostproc55_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libswresample3_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS libavcodec58_134-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libavformat58_76-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libavutil56_70-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libpostproc55_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 libswresample3_9-4.4.5-150400.3.46.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c. CVE-2020-22037 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2020-22037.html CVE-2020-22037 https://bugzilla.suse.com/1186756 SUSE Bug 1186756 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2024-12361 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2024-12361.html CVE-2024-12361 https://bugzilla.suse.com/1237358 SUSE Bug 1237358 FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. CVE-2024-35368 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2024-35368.html CVE-2024-35368 https://bugzilla.suse.com/1234028 SUSE Bug 1234028 FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior. CVE-2024-36613 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2024-36613.html CVE-2024-36613 https://bugzilla.suse.com/1235092 SUSE Bug 1235092 Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman CVE-2025-0518 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2025-0518.html CVE-2025-0518 https://bugzilla.suse.com/1236007 SUSE Bug 1236007 A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. CVE-2025-22919 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2025-22919.html CVE-2025-22919 https://bugzilla.suse.com/1237371 SUSE Bug 1237371 FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c. CVE-2025-22921 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 moderate 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2025-22921.html CVE-2025-22921 https://bugzilla.suse.com/1237382 SUSE Bug 1237382 FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c. CVE-2025-25473 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server 15 SP4-LTSS:libswresample3_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavcodec58_134-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavformat58_76-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libavutil56_70-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libpostproc55_9-4.4.5-150400.3.46.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:libswresample3_9-4.4.5-150400.3.46.1 low 0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251128-1/ https://www.suse.com/security/cve/CVE-2025-25473.html CVE-2025-25473 https://bugzilla.suse.com/1237351 SUSE Bug 1237351