xine-lib, FFmpeg: Heap-based buffer overflow — GLSA 200601-06

xine-lib and FFmpeg are vulnerable to a buffer overflow that may be exploited by attackers to execute arbitrary code.

Affected packages

media-libs/xine-lib on all architectures
Affected versions < 1.1.1-r3
Unaffected versions >= 1.1.1-r3
media-video/ffmpeg on all architectures
Affected versions < 0.4.9_p20051216
Unaffected versions >= 0.4.9_p20051216


xine is a GPL high-performance, portable and reusable multimedia playback engine. xine-lib is xine's core engine. FFmpeg is a very fast video and audio converter and is used in xine-lib.


Simon Kilvington has reported a vulnerability in FFmpeg libavcodec. The flaw is due to a buffer overflow error in the "avcodec_default_get_buffer()" function. This function doesn't properly handle specially crafted PNG files as a result of a heap overflow.


A remote attacker could entice a user to run an FFmpeg based application on a maliciously crafted PNG file, resulting in the execution of arbitrary code with the permissions of the user running the application.


There is no known workaround at this time.


All xine-lib users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.1-r3"

All FFmpeg users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-video/ffmpeg-0.4.9_p20051216"


Release date
January 10, 2006

Latest revision
January 10, 2006: 01



Bugzilla entries