An update for ffmpeg is now available for openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2596 Final 1.0 1.0 2026-06-05 Initial 2026-06-05 2026-06-05 openEuler SA Tool V1.0 2026-06-05 ffmpeg security update An update for ffmpeg is now available for openEuler-22.03-LTS-SP4 FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fix(es): Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.(CVE-2020-20451) A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.(CVE-2020-22017) A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences.(CVE-2020-22025) A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.(CVE-2020-22029) A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.(CVE-2020-22030) An update for ffmpeg is now available for openEuler-22.03-LTS-SP4. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High ffmpeg https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2020-20451 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2020-22017 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2020-22025 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2020-22029 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2020-22030 https://nvd.nist.gov/vuln/detail/CVE-2020-20451 https://nvd.nist.gov/vuln/detail/CVE-2020-22017 https://nvd.nist.gov/vuln/detail/CVE-2020-22025 https://nvd.nist.gov/vuln/detail/CVE-2020-22029 https://nvd.nist.gov/vuln/detail/CVE-2020-22030 openEuler-22.03-LTS-SP4 ffmpeg-4.2.4-29.oe2203sp4.aarch64.rpm ffmpeg-debuginfo-4.2.4-29.oe2203sp4.aarch64.rpm ffmpeg-debugsource-4.2.4-29.oe2203sp4.aarch64.rpm ffmpeg-devel-4.2.4-29.oe2203sp4.aarch64.rpm ffmpeg-libs-4.2.4-29.oe2203sp4.aarch64.rpm libavdevice-4.2.4-29.oe2203sp4.aarch64.rpm ffmpeg-4.2.4-29.oe2203sp4.src.rpm ffmpeg-4.2.4-29.oe2203sp4.x86_64.rpm ffmpeg-debuginfo-4.2.4-29.oe2203sp4.x86_64.rpm ffmpeg-debugsource-4.2.4-29.oe2203sp4.x86_64.rpm ffmpeg-devel-4.2.4-29.oe2203sp4.x86_64.rpm ffmpeg-libs-4.2.4-29.oe2203sp4.x86_64.rpm libavdevice-4.2.4-29.oe2203sp4.x86_64.rpm Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c. 2026-06-05 CVE-2020-20451 openEuler-22.03-LTS-SP4 High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ffmpeg security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. 2026-06-05 CVE-2020-22017 openEuler-22.03-LTS-SP4 High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ffmpeg security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596 A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. 2026-06-05 CVE-2020-22025 openEuler-22.03-LTS-SP4 High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ffmpeg security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences. 2026-06-05 CVE-2020-22029 openEuler-22.03-LTS-SP4 High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ffmpeg security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596 A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences. 2026-06-05 CVE-2020-22030 openEuler-22.03-LTS-SP4 High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ffmpeg security update 2026-06-05 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2596