Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-79769
HistoryAug 11, 2021 - 12:00 a.m.

FFmpeg heap reuse vulnerability after release

2021-08-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
ffmpeg
heap reuse
vulnerability
mpeg_mux_write_packet
denial of service
avi file
libavformat

EPSS

0.001

Percentile

50.5%

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video, and convert them to streams under the LGPL or GPL license. mpeg_mux_write_packet function in libavformat/mpegenc.c in FFmpeg version 4.2 suffers from a heap-release post-reuse vulnerability. An attacker could exploit the vulnerability to cause a denial of service via a specially crafted avi file.