Описание
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 7:5.1.2-3ubuntu1 |
| esm-apps/bionic | released | 7:3.4.11-0ubuntu0.1+esm3 |
| esm-apps/focal | released | 7:4.2.7-0ubuntu0.1+esm3 |
| esm-apps/jammy | released | 7:4.4.2-0ubuntu0.22.04.1+esm2 |
| esm-apps/noble | not-affected | 7:5.1.2-3ubuntu1 |
| esm-apps/xenial | ignored | see notes |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| kinetic | ignored | end of life, was needed |
Показывать по
Ссылки на источники
EPSS
8.1 High
CVSS3
Связанные уязвимости
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and ...
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
EPSS
8.1 High
CVSS3