CVE-2015-8218

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 2.8.2

Description The issue exists due to insufficient input validation in the decode uncompressed function. This can be exploited by a remote attacker using specially crafted CCITT FAX data, potentially leading to a denial of service or other unspecified impacts.

Recommendations For versions prior to 2.8.2, update to version 2.8.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the decode uncompressed function in libavcodec/faxcompr.c until a patch is applied.