CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-48434
https://notcve.org/view.php?id=CVE-2022-48434
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/cc867f2c09d2b69cee8a0eccd62aff002cbbfe11 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQHNSWXFUN3VJ3AO2AEJUK3BURSGM5G2 https://news.ycombinator.com/item?id=35356201 https://security.gentoo.org/glsa/202312-14 https://wrv.github.io/h26forge.pdf • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3341
https://notcve.org/view.php?id=CVE-2022-3341
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash. • https://bugzilla.redhat.com/show_bug.cgi?id=2157054 https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e https://lists.debian.org/debian-lts-announce/2023/06/msg00016.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3109
https://notcve.org/view.php?id=CVE-2022-3109
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. Se descubrió un problema en el paquete FFmpeg, donde vp3_decode_frame en libavcodec/vp3.c carece de verificación del valor de retorno de av_malloc() y provocará una desreferencia del puntero nulo, lo que afectará la disponibilidad. • https://bugzilla.redhat.com/show_bug.cgi?id=2153551 https://github.com/FFmpeg/FFmpeg/commit/656cb0450aeb73b25d7d26980af342b37ac4c568 https://lists.debian.org/debian-lts-announce/2023/06/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOMB6WRUC55VWV25IKJTV22KARBUGWGQ https://www.debian.org/security/2023/dsa-5394 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-38291
https://notcve.org/view.php?id=CVE-2021-38291
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. Una versión de FFmpeg (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) sufre un fallo de aserción en el archivo src/libavutil/mathematics.c • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html https://security.gentoo.org/glsa/202312-14 https://trac.ffmpeg.org/ticket/9312 https://www.debian.org/security/2021/dsa-4990 https://www.debian.org/security/2021/dsa-4998 • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3566
https://notcve.org/view.php?id=CVE-2021-3566
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg). Anterior a versión 4.3 de ffmpeg, el demuxer tty no tenía una función "read_probe" asignada. Si se diseña un archivo "ffconcat" legítimo que haga referencia a una imagen, seguido de un archivo que desencadenar el demuxer tty, el contenido del segundo archivo se copiará en el archivo de salida literalmente (siempre que se pase la opción "vcodec copy" a ffmpeg) • https://github.com/FFmpeg/FFmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532#diff-74f6b92a0541378ad15de9c29c0a2b0c69881ad9ffc71abe568b88b535e00a7f https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •