CVE-2015-8661

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 2.8.3

Description The issue is related to the h264 slice header init function in libavcodec/h264 slice.c, which does not properly validate the relationship between the number of threads and the number of slices. This can be exploited by remote attackers using crafted H.264 data, potentially leading to a denial of service due to out-of-bounds array access or other unspecified impacts.

Recommendations For versions prior to 2.8.3, update to version 2.8.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the h264 slice header init function until a patch is available.