ffmpeg-6
Chainguard
Status
Justification
Impact
The mpegvideo_enc heap buffer overflow has been fixed in FFmpeg 6.1.2. The fix (commit a066b8a809) corrected the memcpy size calculation at libavcodec/mpegvideo_enc.c:1216. The vulnerable code 'memcpy(dst, src, src_stride * h)' would copy beyond actual image data. The fixed calculation 'src_stride * h - src_stride + w' properly accounts for the last line having only width bytes instead of full stride, preventing buffer overread. This ensures exactly the correct amount of data is copied.
Status