Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local).
https://trac.ffmpeg.org/ticket/8860
https://trac.ffmpeg.org/ticket/8859
https://trac.ffmpeg.org/ticket/8845
http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f