CVE-2015-6761

The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service (race condition and memory corruption) or possibly have unspecified other impact via a crafted WebM file.

Date published : 2015-10-15

http://www.securityfocus.com/bid/77073

http://git.videolan.org/?p=ffmpeg.git;a=commit;h=dabea74d0e82ea80cd344f630497cafcb3ef872c