CVE-2025-7700

Источник: debian

Описание

[NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c)]

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ffmpeg	fixed	7:7.1.2-1		package
ffmpeg	postponed		bullseye	package

Примечания

Introduced with: https://git.ffmpeg.org/gitweb/ffmpeg.git/object/dcfd24b10c7eaec4b7b1ec2c4abb46808721a71d
Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/35a6de137a39f274d5e01ed0e0e6c4f04d0aaf07 (n8.0)
Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/e0c5acb3e343d1c91c0914a786ff59176d4066a2 (n7.1.2)
Fixed by: https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/aad4b59cfee1f0a3cf02f5e2b1f291ce013bf27e (n5.1.7)

Связанные уязвимости

CVE-2025-7700

ubuntu

3 месяца назад

[NULL Pointer Dereference in FFmpeg ALS Decoder (libavcodec/alsdec.c)]

CVE-2025-7700

CVSS3: 5.3

redhat

3 месяца назад

A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services and cause a denial of service.

SUSE-SU-2025:03162-1

suse-cvrf

около 1 месяца назад

Security update for ffmpeg-4

SUSE-SU-2025:02990-1

suse-cvrf

около 2 месяцев назад

Security update for ffmpeg

SUSE-SU-2025:02972-1

suse-cvrf

около 2 месяцев назад

Security update for ffmpeg-4