Security update for ffmpeg-4

Announcement ID:	SUSE-SU-2025:1128-1
Release Date:	2025-04-03T11:54:06Z
Rating:	important
References:	bsc#1186756 bsc#1202848 bsc#1215945 bsc#1219494 bsc#1229338 bsc#1230983 bsc#1234028 bsc#1235092 bsc#1236007 bsc#1237351 bsc#1237358 bsc#1237371 bsc#1237382 jsc#PED-10024
Cross-References:	CVE-2020-22037 CVE-2024-12361 CVE-2024-35368 CVE-2024-36613 CVE-2025-0518 CVE-2025-22919 CVE-2025-22921 CVE-2025-25473
CVSS scores:	CVE-2020-22037 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2020-22037 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2024-12361 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2024-12361 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35368 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2024-35368 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35368 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-36613 ( SUSE ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2024-36613 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L CVE-2024-36613 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-0518 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2025-0518 ( NVD ): 4.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2025-22919 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-22919 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2025-22919 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-22921 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-22921 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2025-22921 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-25473 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2025-25473 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N CVE-2025-25473 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:	openSUSE Leap 15.4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP4 LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves eight vulnerabilities, contains one feature and has five security fixes can now be installed.

Description:

This update for ffmpeg-4 fixes the following issues:

• CVE-2020-22037: Fixed unchecked return value of the init_vlc function (bsc#1186756)
• CVE-2024-12361: Fixed null pointer dereference (bsc#1237358)
• CVE-2024-35368: Fixed double free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c (bsc#1234028)
• CVE-2024-36613: Fixed integer overflow in the DXA demuxer of the libavformat library (bsc#1235092)
• CVE-2025-0518: Fixed memory leak due to unchecked sscanf return value (bsc#1236007)
• CVE-2025-22919: Fixed denial of service (DoS) via opening a crafted AAC file (bsc#1237371)
• CVE-2025-22921: Fixed segmentation violation in NULL pointer dereference via the component /libavcodec/jpeg2000dec.c (bsc#1237382)
• CVE-2025-25473: Fixed memory leak in avformat_free_context() (bsc#1237351)

Other fixes:

• Build with SVT-AV1 3.0.0.

• Update to release 4.4.5:

• Adjust bconds to build the package in SLFO without xvidcore.
• Add 0001-libavcodec-arm-mlpdsp_armv5te-fix-label-format-to-wo.patch (bsc#1229338)
• Add ffmpeg-c99.patch so that the package conforms to the C99 standard and builds on i586 with GCC 14.
• No longer build against libmfx; build against libvpl (bsc#1230983, bsc#1219494)
• Drop libmfx dependency from our product (jira #PED-10024)
• Update patch to build with glslang 14
• Disable vmaf integration as ffmpeg-4 cannot handle vmaf>=3
• Copy codec list from ffmpeg-6

• Resolve build failure with binutils >= 2.41. (bsc#1215945)

• Update to version 4.4.4:

• avcodec/012v: Order operations for odd size handling
• avcodec/alsdec: The minimal block is at least 7 bits
• avcodec/bink:
  • Avoid undefined out of array end pointers in
    binkb_decode_plane()
  • Fix off by 1 error in ref end
• avcodec/eac3dec: avoid float noise in fixed mode addition to
  overflow
• avcodec/eatgq: : Check index increments in tgq_decode_block()
• avcodec/escape124:
  • Fix signdness of end of input check
  • Fix some return codes
• avcodec/ffv1dec:
  • Check that num h/v slices is supported
  • Fail earlier if prior context is corrupted
  • Restructure slice coordinate reading a bit
• avcodec/mjpegenc: take into account component count when
  writing the SOF header size
• avcodec/mlpdec: Check max matrix instead of max channel in
  noise check
• avcodec/motionpixels: Mask pixels to valid values
• avcodec/mpeg12dec: Check input size
• avcodec/nvenc:
  • Fix b-frame DTS behavior with fractional framerates
  • Fix vbv buffer size in cq mode
• avcodec/pictordec: Remove mid exit branch
• avcodec/pngdec: Check deloco index more exactly
• avcodec/rpzaenc: stop accessing out of bounds frame
• avcodec/scpr3: Check bx
• avcodec/scpr: Test bx before use
• avcodec/snowenc: Fix visual weight calculation
• avcodec/speedhq: Check buf_size to be big enough for DC
• avcodec/sunrast: Fix maplength check
• avcodec/tests/snowenc:
  • Fix 2nd test
  • Return a failure if DWT/IDWT mismatches
  • Unbreak DWT tests
• avcodec/tiff: Ignore tile_count
• avcodec/utils:
  • Allocate a line more for VC1 and WMV3
  • Ensure linesize for SVQ3
  • Use 32pixel alignment for bink
• avcodec/videodsp_template: Adjust pointers to avoid undefined
  pointer things
• avcodec/vp3: Add missing check for av_malloc
• avcodec/wavpack:
  • Avoid undefined shift in get_tail()
  • Check for end of input in wv_unpack_dsd_high()
• avcodec/xpmdec: Check size before allocation to avoid
  truncation
• avfilter/vf_untile: swap the chroma shift values used for plane
  offsets
• avformat/id3v2: Check taglen in read_uslt()
• avformat/mov: Check samplesize and offset to avoid integer
  overflow
• avformat/mxfdec: Use 64bit in remainder
• avformat/nutdec: Add check for avformat_new_stream
• avformat/replaygain: avoid undefined / negative abs
• swscale/input: Use more unsigned intermediates
• swscale/output: Bias 16bps output calculations to improve non
  overflowing range
• swscale: aarch64: Fix yuv2rgb with negative stride

• Use https for repository links

• Update to version 4.4.3:

• Stable bug fix release, mainly codecs, filter and format fixes.

• Add patch to detect SDL2 >= 2.1.0 (bsc#1202848):

• Update to version 4.4.2:

• Stable bug fix release, mainly codecs, filter and format fixes.

• Add conflicts for ffmpeg-5's tools

• Enable Vulkan filters
• Fix OS version check, so nvcodec is enabled for Leap too.

• Disamble libsmbclient usage (can always be built with
  --with-smbclient): the usecase of ffmpeg directly accessing
  smb:// shares is quite constructed (most users will have their
  smb shares mounted).

• Update to version 4.4.1:

• Stable bug fix release, mainly codecs and format fixes.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-1128=1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1128=1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1128=1
• SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1128=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1128=1

Package List:

• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  • libpostproc55_9-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-debugsource-4.4.5-150400.3.46.1
  • libavcodec58_134-4.4.5-150400.3.46.1
  • ffmpeg-4-libavdevice-devel-4.4.5-150400.3.46.1
  • ffmpeg-4-libavresample-devel-4.4.5-150400.3.46.1
  • ffmpeg-4-libswscale-devel-4.4.5-150400.3.46.1
  • libavfilter7_110-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-4.4.5-150400.3.46.1
  • libavutil56_70-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-debuginfo-4.4.5-150400.3.46.1
  • libavresample4_0-4.4.5-150400.3.46.1
  • ffmpeg-4-libswresample-devel-4.4.5-150400.3.46.1
  • libavdevice58_13-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-4.4.5-150400.3.46.1
  • ffmpeg-4-debuginfo-4.4.5-150400.3.46.1
  • libswscale5_9-debuginfo-4.4.5-150400.3.46.1
  • libavcodec58_134-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-4.4.5-150400.3.46.1
  • ffmpeg-4-libavutil-devel-4.4.5-150400.3.46.1
  • libpostproc55_9-4.4.5-150400.3.46.1
  • ffmpeg-4-libpostproc-devel-4.4.5-150400.3.46.1
  • libavfilter7_110-4.4.5-150400.3.46.1
  • ffmpeg-4-libavcodec-devel-4.4.5-150400.3.46.1
  • ffmpeg-4-libavfilter-devel-4.4.5-150400.3.46.1
  • ffmpeg-4-libavformat-devel-4.4.5-150400.3.46.1
  • libswscale5_9-4.4.5-150400.3.46.1
  • libavformat58_76-debuginfo-4.4.5-150400.3.46.1
  • libavdevice58_13-4.4.5-150400.3.46.1
  • libswresample3_9-4.4.5-150400.3.46.1
  • ffmpeg-4-private-devel-4.4.5-150400.3.46.1
  • libavresample4_0-debuginfo-4.4.5-150400.3.46.1
• openSUSE Leap 15.4 (x86_64)
  • libavresample4_0-32bit-4.4.5-150400.3.46.1
  • libswresample3_9-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavresample4_0-32bit-debuginfo-4.4.5-150400.3.46.1
  • libpostproc55_9-32bit-4.4.5-150400.3.46.1
  • libavcodec58_134-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavcodec58_134-32bit-4.4.5-150400.3.46.1
  • libswresample3_9-32bit-4.4.5-150400.3.46.1
  • libswscale5_9-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavdevice58_13-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-32bit-4.4.5-150400.3.46.1
  • libpostproc55_9-32bit-debuginfo-4.4.5-150400.3.46.1
  • libswscale5_9-32bit-4.4.5-150400.3.46.1
  • libavfilter7_110-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavfilter7_110-32bit-4.4.5-150400.3.46.1
  • libavutil56_70-32bit-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-32bit-4.4.5-150400.3.46.1
  • libavdevice58_13-32bit-4.4.5-150400.3.46.1
• openSUSE Leap 15.4 (aarch64_ilp32)
  • libavresample4_0-64bit-debuginfo-4.4.5-150400.3.46.1
  • libpostproc55_9-64bit-4.4.5-150400.3.46.1
  • libavutil56_70-64bit-4.4.5-150400.3.46.1
  • libavfilter7_110-64bit-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-64bit-debuginfo-4.4.5-150400.3.46.1
  • libswscale5_9-64bit-4.4.5-150400.3.46.1
  • libavfilter7_110-64bit-4.4.5-150400.3.46.1
  • libavdevice58_13-64bit-4.4.5-150400.3.46.1
  • libpostproc55_9-64bit-debuginfo-4.4.5-150400.3.46.1
  • libavcodec58_134-64bit-debuginfo-4.4.5-150400.3.46.1
  • libavresample4_0-64bit-4.4.5-150400.3.46.1
  • libswscale5_9-64bit-debuginfo-4.4.5-150400.3.46.1
  • libavdevice58_13-64bit-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-64bit-debuginfo-4.4.5-150400.3.46.1
  • libavcodec58_134-64bit-4.4.5-150400.3.46.1
  • libavutil56_70-64bit-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-64bit-4.4.5-150400.3.46.1
  • libavformat58_76-64bit-4.4.5-150400.3.46.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  • libpostproc55_9-4.4.5-150400.3.46.1
  • libpostproc55_9-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-debugsource-4.4.5-150400.3.46.1
  • libavcodec58_134-4.4.5-150400.3.46.1
  • libavformat58_76-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-4.4.5-150400.3.46.1
  • ffmpeg-4-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-4.4.5-150400.3.46.1
  • libavcodec58_134-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-4.4.5-150400.3.46.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  • libpostproc55_9-4.4.5-150400.3.46.1
  • libpostproc55_9-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-debugsource-4.4.5-150400.3.46.1
  • libavcodec58_134-4.4.5-150400.3.46.1
  • libavformat58_76-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-4.4.5-150400.3.46.1
  • ffmpeg-4-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-4.4.5-150400.3.46.1
  • libavcodec58_134-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-4.4.5-150400.3.46.1
• SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  • libpostproc55_9-4.4.5-150400.3.46.1
  • libpostproc55_9-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-debugsource-4.4.5-150400.3.46.1
  • libavcodec58_134-4.4.5-150400.3.46.1
  • libavformat58_76-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-4.4.5-150400.3.46.1
  • ffmpeg-4-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-4.4.5-150400.3.46.1
  • libavcodec58_134-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-4.4.5-150400.3.46.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  • libpostproc55_9-4.4.5-150400.3.46.1
  • libpostproc55_9-debuginfo-4.4.5-150400.3.46.1
  • ffmpeg-4-debugsource-4.4.5-150400.3.46.1
  • libavcodec58_134-4.4.5-150400.3.46.1
  • libavformat58_76-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-debuginfo-4.4.5-150400.3.46.1
  • libavformat58_76-4.4.5-150400.3.46.1
  • ffmpeg-4-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-debuginfo-4.4.5-150400.3.46.1
  • libswresample3_9-4.4.5-150400.3.46.1
  • libavcodec58_134-debuginfo-4.4.5-150400.3.46.1
  • libavutil56_70-4.4.5-150400.3.46.1

References:

• https://www.suse.com/security/cve/CVE-2020-22037.html
• https://www.suse.com/security/cve/CVE-2024-12361.html
• https://www.suse.com/security/cve/CVE-2024-35368.html
• https://www.suse.com/security/cve/CVE-2024-36613.html
• https://www.suse.com/security/cve/CVE-2025-0518.html
• https://www.suse.com/security/cve/CVE-2025-22919.html
• https://www.suse.com/security/cve/CVE-2025-22921.html
• https://www.suse.com/security/cve/CVE-2025-25473.html
• https://bugzilla.suse.com/show_bug.cgi?id=1186756
• https://bugzilla.suse.com/show_bug.cgi?id=1202848
• https://bugzilla.suse.com/show_bug.cgi?id=1215945
• https://bugzilla.suse.com/show_bug.cgi?id=1219494
• https://bugzilla.suse.com/show_bug.cgi?id=1229338
• https://bugzilla.suse.com/show_bug.cgi?id=1230983
• https://bugzilla.suse.com/show_bug.cgi?id=1234028
• https://bugzilla.suse.com/show_bug.cgi?id=1235092
• https://bugzilla.suse.com/show_bug.cgi?id=1236007
• https://bugzilla.suse.com/show_bug.cgi?id=1237351
• https://bugzilla.suse.com/show_bug.cgi?id=1237358
• https://bugzilla.suse.com/show_bug.cgi?id=1237371
• https://bugzilla.suse.com/show_bug.cgi?id=1237382
• https://jira.suse.com/browse/PED-10024