|
|
Log in / Subscribe / Register

Ubuntu alert USN-7982-1 (ffmpeg)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7982-1] FFmpeg vulnerabilities


Date:
              Wed, 28 Jan 2026 05:44:30 +0000


Message-ID:
              <E1vkyLu-0007EZ-JP@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7982-1
January 27, 2026

ffmpeg vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in FFmpeg.

Software Description:
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files

Details:

It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10.
(CVE-2025-59728)

It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-59731,
CVE-2025-59732)

It was discovered that FFmpeg did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS
and Ubuntu 25.10. (CVE-2025-59733)

It was discovered that FFmpeg did not correctly handle certain integer
arithmetic operations. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2025-63757)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  ffmpeg                          7:7.1.1-1ubuntu4.2
  libavcodec61                    7:7.1.1-1ubuntu4.2
  libavformat61                   7:7.1.1-1ubuntu4.2

Ubuntu 24.04 LTS
  ffmpeg                          7:6.1.1-3ubuntu5+esm7
                                  Available with Ubuntu Pro
  libavcodec60                    7:6.1.1-3ubuntu5+esm7
                                  Available with Ubuntu Pro
  libavformat60                   7:6.1.1-3ubuntu5+esm7
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  ffmpeg                          7:4.4.2-0ubuntu0.22.04.1+esm11
                                  Available with Ubuntu Pro
  libavcodec58                    7:4.4.2-0ubuntu0.22.04.1+esm11
                                  Available with Ubuntu Pro
  libavformat58                   7:4.4.2-0ubuntu0.22.04.1+esm11
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  ffmpeg                          7:4.2.7-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro
  libavcodec58                    7:4.2.7-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro
  libavformat58                   7:4.2.7-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  ffmpeg                          7:3.4.11-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro
  libavcodec57                    7:3.4.11-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro
  libavformat57                   7:3.4.11-0ubuntu0.1+esm12
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  ffmpeg                          7:2.8.17-0ubuntu0.1+esm14
                                  Available with Ubuntu Pro
  libavcodec-extra                7:2.8.17-0ubuntu0.1+esm14
                                  Available with Ubuntu Pro
  libavcodec-ffmpeg56             7:2.8.17-0ubuntu0.1+esm14
                                  Available with Ubuntu Pro
  libavformat-ffmpeg56            7:2.8.17-0ubuntu0.1+esm14
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7982-1
  CVE-2025-59728, CVE-2025-59731, CVE-2025-59732, CVE-2025-59733,
  CVE-2025-63757

Package Information:
  https://launchpad.net/ubuntu/+source/ffmpeg/7:7.1.1-1ubun...




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAml5ocoACgkQcpJm3tlz
hgFnQA//XXHMfIAGRQzF/P54hVkYjqQWojd5pB93pnpivSjSq74Bxg5WdaKG74jH
/VjDooAJdewmobSu+I74y0D9rJmxsh6exXxVc4tRA/z2+F8JNzSH8AS7PQ4SRVhn
u5SAQAq2gSbcUw/kbNWOsfZOfwq6opLNHqSVFagKSCHpTJbYEc4xz4NV4Qv9ZgRX
tZBpNu6vIv/CuMbjuhesx0gKO7NmQdhZRrb8OEJMNjpToFJ2o7oQ+kyj6ggMKa2H
pzUH7DNL8f2u5LxvlO0ar8hWP26pFI+Ou1uPQKlhOKw6JlyXr0ya6PLA2EUEbMKe
1C/IyuuBTtVIoD+O+fQh/mAuzY1/Pi1QidVDwCVHxLbxm03u5oC9h8UKv6kfQ2Gi
KciYsNM7OQPEsS/LE6EPnbGPA1oYFKtFv9B/WtY5JmX4Y5/8ayOIZOzKu1TO55G/
BtJJ6SZ5wDM6yDmNOD7bY2XPHPM8cJ0Lx/oUI82Tl201dO9QMzTjJSWuaX34ufNy
LivV2mI7n/JJV+0SFDprZ/vUYnK8qO1sirqR5Al8dzaHjc4IWXEgRt2b+jm2MBvt
7Plxk0PrNXrk9zMRoZItONdBDyD2PCCOLlIN3u9ZDQctTAnWlgu3IR7NiwPiDzZC
GSJTsVnOcaY1vrIu6YO0cJT32vf2II1JOzEXpk+jgPSLrh5sfJU=
=YPGY
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds