View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-7206 low priority: Ubuntu including 2 source packages (ffmpeg, libav), 38 status rows across 19 suites (artful, bionic, cosmic, disco, focal, jammy, kinetic, lunar, mantic, noble, oracular, plucky, precise, questing, trusty, upstream, xenial, yakkety, zesty): DNE 18, not-affected 13, ignored 4, needs-triage 2, needed 1.
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.