StackPatch is liveSee product

Back to CVE digest
CVE-2025-12343 · cross-distro fix matrix

CVE-2025-12343: Jiasheng Jiang discovered that FFmpeg incorrectly handled memory in

Affects 3 Linux releases across 50 (distro × package) combinations. First disclosed: 2026-06-24.

Fix per ecosystem

Each block below is a distro release where CVE-2025-12343 has a known fix. Run the listed command on that distro to remediate.

Ubuntu focal

Source: Ubuntu USN

  • ffmpeg→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg
  • ffmpeg-doc→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg-doc
  • libavcodec-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-dev
  • libavcodec-extra→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-extra
  • libavcodec-extra58→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-extra58
  • libavcodec58→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec58
  • libavdevice-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavdevice-dev
  • libavdevice58→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavdevice58
  • libavfilter-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-dev
  • libavfilter-extra→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-extra
  • libavfilter-extra7→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-extra7
  • libavfilter7→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter7
  • libavformat-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat-dev
  • libavformat58→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat58
  • libavresample-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavresample-dev
  • libavresample4→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavresample4
  • libavutil-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavutil-dev
  • libavutil56→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libavutil56
  • libpostproc-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libpostproc-dev
  • libpostproc55→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libpostproc55
  • libswresample-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libswresample-dev
  • libswresample3→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libswresample3
  • libswscale-dev→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libswscale-dev
  • libswscale5→ fixed in7:4.2.7-0ubuntu0.1+esm13USN-8469-1
    sudo apt-get install --only-upgrade -y libswscale5

Ubuntu jammy

Source: Ubuntu USN

  • ffmpeg→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg
  • ffmpeg-doc→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg-doc
  • libavcodec-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-dev
  • libavcodec-extra→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-extra
  • libavcodec-extra58→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec-extra58
  • libavcodec58→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavcodec58
  • libavdevice-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavdevice-dev
  • libavdevice58→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavdevice58
  • libavfilter-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-dev
  • libavfilter-extra→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-extra
  • libavfilter-extra7→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter-extra7
  • libavfilter7→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavfilter7
  • libavformat-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat-dev
  • libavformat-extra→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat-extra
  • libavformat-extra58→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat-extra58
  • libavformat58→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavformat58
  • libavutil-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavutil-dev
  • libavutil56→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libavutil56
  • libpostproc-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libpostproc-dev
  • libpostproc55→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libpostproc55
  • libswresample-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libswresample-dev
  • libswresample3→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libswresample3
  • libswscale-dev→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libswscale-dev
  • libswscale5→ fixed in7:4.4.2-0ubuntu0.22.04.1+esm12USN-8469-1
    sudo apt-get install --only-upgrade -y libswscale5

Ubuntu noble

Source: Ubuntu USN

  • ffmpeg→ fixed in7:6.1.1-3ubuntu5+esm10USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg
  • ffmpeg-doc→ fixed in7:6.1.1-3ubuntu5+esm10USN-8469-1
    sudo apt-get install --only-upgrade -y ffmpeg-doc
Are YOU affected by CVE-2025-12343?

5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan View on NVD
Continuous monitoring beats manual checking

CVE-2025-12343dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. From $9/mo, 14-day free trial, cancel anytime.

See StackPatch (from $9/mo)