{"id":"CVE-2017-16840","details":"The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.","modified":"2026-04-16T06:21:59.072756858Z","published":"2017-11-21T08:29:00.210Z","related":["openSUSE-SU-2018:0470-1","openSUSE-SU-2018:0476-1","openSUSE-SU-2024:10754-1"],"references":[{"type":"WEB","url":"http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=a94cb36ab2ad99d3a1331c9f91831ef593d94f74"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-4049"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/101924"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"last_affected":"c40983a6f631d22fede713d535bb9c31d5c9740c"},{"introduced":"0"},{"last_affected":"22b0daa1b3f0ac5d91cc1a057d230995590847cd"},{"fixed":"94e538aebbc9f9c529e8b1f2eda860cfb8c473b1"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0"},{"introduced":"0"},{"last_affected":"3.4"}]}}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8-dev","n2.9-dev","n3.0","n3.0.1","n3.0.2","n3.0.3","n3.0.4","n3.0.5","n3.0.6","n3.0.7","n3.0.8","n3.0.9","n3.1-dev","n3.2-dev","n3.3-dev","n3.4-dev"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16840.json","vanir_signatures_modified":"2026-04-11T04:37:58Z","vanir_signatures":[{"deprecated":false,"id":"CVE-2017-16840-094792fd","source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_version":"v1","target":{"file":"libavcodec/vc2enc_dwt.h"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["135818594614901672732146968676385056856","248125806350867737154119266375215529082","186133846001445467985421406694757432229","63482696116901264408691652824731083733","257204787779104618254370894359176384064","175904524801985787039735545992937190833","99626077389251573496303213197947429264","237349011077517403735766500451654610691"]}},{"signature_type":"Function","id":"CVE-2017-16840-28a4c539","source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_version":"v1","target":{"file":"libavcodec/vc2enc.c","function":"vc2_encode_init"},"deprecated":false,"digest":{"length":5192,"function_hash":"335363604367117808748188825808816569480"}},{"signature_type":"Line","target":{"file":"libavcodec/vc2enc.c"},"source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_version":"v1","id":"CVE-2017-16840-465c152d","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["197305430240602816591644314383776055292","67111441144557061660701597356442478488","137925606817059743193280873001912113898","74440525678306990342453025535523734246","172298131143932485841285047965883868080"]}},{"deprecated":false,"target":{"file":"libavcodec/vc2enc_dwt.c","function":"ff_vc2enc_init_transforms"},"signature_version":"v1","source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_type":"Function","id":"CVE-2017-16840-4786e35c","digest":{"length":323,"function_hash":"268327022686470612313326723529605010299"}},{"signature_type":"Function","target":{"file":"libavcodec/vc2enc_dwt.c","function":"ff_vc2enc_free_transforms"},"source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_version":"v1","id":"CVE-2017-16840-67d2348c","deprecated":false,"digest":{"length":69,"function_hash":"46399139728623671936880676747376363104"}},{"deprecated":false,"target":{"file":"libavcodec/vc2enc_dwt.c"},"source":"https://github.com/ffmpeg/ffmpeg/commit/94e538aebbc9f9c529e8b1f2eda860cfb8c473b1","signature_version":"v1","signature_type":"Line","id":"CVE-2017-16840-a87bf187","digest":{"threshold":0.9,"line_hashes":["53795763754123074629229590708092510091","80350097047626985864507570491897652593","135965666273098394188915963956646392453","303737012275246568064756864032559436743","40117645717818657865657395139437859457","79147293561506676442283515161020790479","119905777158287688855604005386924491997","24706128928333116285719656482873298185","260918295490888607884998935979156143138","300707498807955112852161934854568824612","61036244475108607892019035979117532090","316919907739127694507247972126559813512","180660775057073708108545038031223728538"]}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}