CVE-2025-9951

Vulnerability

CVE-2025-9951

CVE-2025-9951

ecosystem: ubuntu:16.04, ubuntu:18.04, ubuntu:20.04, ubuntu:22.04, ubuntu:24.04, ubuntu:25.04

A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.

References
severitym
medium

type: vendor

source: launchpad.net/ubuntu-cve-tracker

published: 2025-09-09 14:15:00

Detection

ubuntu:20.04
CVE-2025-9951

ubuntu-cve-tracker

OR

unfixedignored: backport too intrusive

 

ffmpeg

package type: source

type: version

tag: esm-apps/focal_medium

ubuntu:22.04
CVE-2025-9951

ubuntu-cve-tracker

OR

unfixedignored: backport too intrusive

 

ffmpeg

package type: source

type: version

tag: esm-apps/jammy_medium

OR

unfixedneeded

 

ffmpeg

package type: source

type: version

tag: jammy_medium

ubuntu:24.04
CVE-2025-9951

ubuntu-cve-tracker

OR

fixed

dpkg

ffmpeg

package type: source

Affected version range

  • less than

    7:6.1.1-3ubuntu5+esm6

  • fixed

    7:6.1.1-3ubuntu5+esm6

type: version

tag: esm-apps/noble_medium

OR

unfixedneeded

 

ffmpeg

package type: source

type: version

tag: noble_medium

ubuntu:25.04
CVE-2025-9951

ubuntu-cve-tracker

OR

unfixedneeded

 

ffmpeg

package type: source

type: version

tag: plucky_medium

ubuntu:16.04
CVE-2025-9951

ubuntu-cve-tracker

OR

unfixedneeded

 

ffmpeg

package type: source

type: version

tag: esm-apps/xenial_medium

ubuntu:18.04
CVE-2025-9951

ubuntu-cve-tracker

OR

unfixedignored: backport too intrusive

 

ffmpeg

package type: source

type: version

tag: esm-apps/bionic_medium

Data Sources

  • Ubuntu CVE Tracker

    ubuntu-cve-tracker

VulsFutureVuls|GitHub Logo IconGitHub