THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-31581

Assigner:mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca)
Reserved:2024-04-05
Published:2024-04-17
Updated:2024-06-10

Description

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.

References

https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048

https://gist.github.com/1047524396/a7e9273e12553775826784035333cdd8

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ (FEDORA-2024-92780a83f9) vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ (FEDORA-2024-55e7e839f1) vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ (FEDORA-2024-3a548f46a8) vendor-advisory

cve.org CVE-2024-31581

nvd.nist.gov CVE-2024-31581

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-31581