ffmpeg: ignore CVE-2025-25469

Details https://nvd.nist.gov/vuln/detail/CVE-2025-25469 This vulnerability exists in IAMF (Immersive Audio Model and Formats demuxer) which was introduced in version 7.0 [1] $ git tag --contains 4ee05182b7cccfa6928dcb0a45c2b50b7d9ea39b n7.0 n7.0.1 n7.0.2 n7.0.3 n7.1 n7.1-dev n7.1.1 n7.1.2 n7.1.3 n7.2-dev n8.0 n8.0.1 n8.1-dev [1] https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4ee05182b7cccfa6928dcb0a45c2b50b7d9ea39b (From OE-Core rev: 935bd46fab333a29a8bf4bb511fb55d5d02b3a71) Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ankur Tyagi <ankur.tyagi85@gmail.com> 2026-02-02 17:08:04 +1300
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2026-02-16 09:52:35 +0000
commit: b617f833e5eeff596ee85b63bd5c40cbf14c7ba9 (patch)
tree: 2e1d56ebc1594ca00f2743193340e57fc4b271a5 /meta/recipes-multimedia/ffmpeg
parent: b8600b66e4ad5b3f8a09b9f6f54fb566258d9e87 (diff)
download: poky-b617f833e5eeff596ee85b63bd5c40cbf14c7ba9.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb
index 8b0b7cfd6e..c1536015d9 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb
@@ -51,6 +51,8 @@ CVE_STATUS_GROUPS += "CVE_STATUS_FIXED_61x"
 CVE_STATUS_FIXED_61x = "CVE-2023-49502 CVE-2023-50007 CVE-2023-50008 CVE-2023-50009 CVE-2023-50010 CVE-2024-31578 CVE-2024-31582 CVE-2024-31585"
 CVE_STATUS_FIXED_61x[status] = "cpe-incorrect:these CVEs are fixed in 6.1.x"
+CVE_STATUS[CVE-2025-25469] = "cpe-incorrect: Current version (6.1.4) is not impacted."
 # Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
 ARM_INSTRUCTION_SET:armv4 = "arm"
 ARM_INSTRUCTION_SET:armv5 = "arm"
author	Ankur Tyagi <ankur.tyagi85@gmail.com>	2026-02-02 17:08:04 +1300
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2026-02-16 09:52:35 +0000
commit	b617f833e5eeff596ee85b63bd5c40cbf14c7ba9 (patch)
tree	2e1d56ebc1594ca00f2743193340e57fc4b271a5 /meta/recipes-multimedia/ffmpeg
parent	b8600b66e4ad5b3f8a09b9f6f54fb566258d9e87 (diff)
download	poky-b617f833e5eeff596ee85b63bd5c40cbf14c7ba9.tar.gz

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb index 8b0b7cfd6e..c1536015d9 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.4.bb
@@ -51,6 +51,8 @@ CVE_STATUS_GROUPS += "CVE_STATUS_FIXED_61x"
51	CVE_STATUS_FIXED_61x = "CVE-2023-49502 CVE-2023-50007 CVE-2023-50008 CVE-2023-50009 CVE-2023-50010 CVE-2024-31578 CVE-2024-31582 CVE-2024-31585"	51	CVE_STATUS_FIXED_61x = "CVE-2023-49502 CVE-2023-50007 CVE-2023-50008 CVE-2023-50009 CVE-2023-50010 CVE-2024-31578 CVE-2024-31582 CVE-2024-31585"
52	CVE_STATUS_FIXED_61x[status] = "cpe-incorrect:these CVEs are fixed in 6.1.x"	52	CVE_STATUS_FIXED_61x[status] = "cpe-incorrect:these CVEs are fixed in 6.1.x"
53		53
		54	CVE_STATUS[CVE-2025-25469] = "cpe-incorrect: Current version (6.1.4) is not impacted."
		55
54	# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717	56	# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
55	ARM_INSTRUCTION_SET:armv4 = "arm"	57	ARM_INSTRUCTION_SET:armv4 = "arm"
56	ARM_INSTRUCTION_SET:armv5 = "arm"	58	ARM_INSTRUCTION_SET:armv5 = "arm"