[FFmpeg-devel] [PATCH] avcodec/aacdec: Fix heap-use-after-free in USAC decoding (PR #21095)

PR #21095 opened by oliverchang URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21095 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21095.patch A heap-use-after-free vulnerability was identified in `libavcodec/aac/aacdec.c`. When `che_configure` frees a `ChannelElement` (`ac->che[type][

[FFmpeg-devel] [PATCH] libavcodec/prores_raw: Fix heap-buffer-overflow in decode_frame (PR #21085)

PR #21085 opened by oliverchang URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21085 Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/21085.patch Fixes a heap-buffer-overflow in `decode_frame` where `header_len` read from the bitstream was not validated against the remaining bytes in the i