Описание
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needed | |
| esm-apps-legacy/xenial | not-affected | code not present |
| esm-apps/bionic | released | 7:3.4.11-0ubuntu0.1+esm11 |
| esm-apps/focal | released | 7:4.2.7-0ubuntu0.1+esm11 |
| esm-apps/jammy | released | 7:4.4.2-0ubuntu0.22.04.1+esm10 |
| esm-apps/noble | released | 7:6.1.1-3ubuntu5+esm6 |
| esm-apps/resolute | not-affected | 7:7.1.2-1 |
| esm-apps/xenial | ignored | end of ESM support, was needed |
| jammy | needed | |
| noble | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | not-affected | code not present |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| resolute | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
A NULL pointer dereference vulnerability exists in FFmpeg\u2019s Fireq ...
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
Уязвимость функции config_input() мультимедийной библиотеки FFmpeg, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.3 Medium
CVSS3