CVE-2021-38090: 
Ffmpeg vulnerability analysis and mitigation

Integer Overflow vulnerability was discovered in the filter16_roberts function within libavfilter/vf_convolution.c of FFmpeg version 4.2.1. This vulnerability was assigned CVE-2021-38090 and was publicly disclosed on September 20, 2021. The vulnerability affects FFmpeg multimedia framework and its associated libraries (NVD, Ubuntu).

The vulnerability is classified as an Integer Overflow issue with a CVSS v3.1 base score of 8.8 (High). The vulnerability exists in the filter16_roberts function where integer calculations could result in an overflow condition. The technical assessment indicates that the vulnerability has network attack vector with low attack complexity, requires no privileges but does need user interaction (NVD, Ubuntu).

If successfully exploited, this vulnerability could allow attackers to cause a Denial of Service (DoS) condition or potentially have other unspecified impacts on the affected system. The vulnerability affects the system's confidentiality, integrity, and availability, all rated as High in the CVSS scoring (NVD).

A fix for this vulnerability has been implemented and is available through various distribution channels. Ubuntu has released security updates for affected versions, particularly in Ubuntu 20.04 LTS with version 7:4.2.7-0ubuntu0.1+esm3. The fix was committed to the FFmpeg source code repository (FFmpeg Commit, Ubuntu Notice).