{"id":"CVE-2018-15822","details":"The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.","modified":"2026-04-16T06:19:27.857473543Z","published":"2018-08-23T23:29:00.247Z","related":["SUSE-SU-2018:3609-1","openSUSE-SU-2019:1066-1","openSUSE-SU-2024:10754-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00043.html"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/May/60"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3967-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4431-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4449"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/d8ecb335fe4852bbc172c7b79e66944d158b4d92"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"},{"introduced":"0"},{"last_affected":"140fd653aed8cad774f991ba083e2d01e86420c7"},{"fixed":"6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10"},{"fixed":"d8ecb335fe4852bbc172c7b79e66944d158b4d92"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.8"},{"introduced":"0"},{"last_affected":"8.0"}]}}],"versions":["N","n0.11-dev","n0.12-dev","n0.8","n1.1-dev","n1.2-dev","n1.3-dev","n2.0","n2.1-dev","n2.2-dev","n2.3-dev","n2.4-dev","n2.5-dev","n2.6-dev","n2.7-dev","n2.8","n2.8-dev","n2.8.1","n2.8.10","n2.8.11","n2.8.12","n2.8.13","n2.8.14","n2.8.15","n2.8.2","n2.8.3","n2.8.4","n2.8.5","n2.8.6","n2.8.7","n2.8.8","n2.8.9","n2.9-dev","n3.1-dev","n3.2-dev","n3.3-dev","n3.4-dev","n3.5-dev","n4.1-dev","n4.2-dev","n4.3-dev","n4.4-dev","n4.5-dev","n5.1-dev","n5.2-dev","n6.1-dev","n6.2-dev","n7.1-dev","n7.2-dev","n8.0"],"database_specific":{"vanir_signatures_modified":"2026-04-11T12:27:40Z","vanir_signatures":[{"target":{"function":"flv_write_packet","file":"libavformat/flvenc.c"},"id":"CVE-2018-15822-61ede296","signature_type":"Function","deprecated":false,"digest":{"length":6210,"function_hash":"126605493963002243786763878397979972170"},"source":"https://github.com/ffmpeg/ffmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10","signature_version":"v1"},{"target":{"file":"libavformat/flvenc.c"},"id":"CVE-2018-15822-b9efedaf","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["147193301791415461805923920078285621927","107193502165357748234612503756240350056","118428189102459771525930371230979065799"],"threshold":0.9},"source":"https://github.com/ffmpeg/ffmpeg/commit/d8ecb335fe4852bbc172c7b79e66944d158b4d92","signature_version":"v1"},{"target":{"function":"flv_write_packet","file":"libavformat/flvenc.c"},"deprecated":false,"signature_type":"Function","id":"CVE-2018-15822-d9e7c24d","digest":{"length":4678,"function_hash":"130541370860603874332054497531241140893"},"source":"https://github.com/ffmpeg/ffmpeg/commit/d8ecb335fe4852bbc172c7b79e66944d158b4d92","signature_version":"v1"},{"target":{"file":"libavformat/flvenc.c"},"id":"CVE-2018-15822-ff0209f6","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["58527666524190152415447120377244757107","62013923509066486281990892171178753293","334080227211384791118196996465674911099"],"threshold":0.9},"source":"https://github.com/ffmpeg/ffmpeg/commit/6b67d7f05918f7a1ee8fc6ff21355d7e8736aa10","signature_version":"v1"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"19.04"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15822.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}