THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-31581

Assignermitre
Reserved2024-04-05
Published2024-04-17
Updated2024-06-10

Description

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.

References

https://github.com/ffmpeg/ffmpeg/commit/ce0c178a408d43e71085c28a47d50dc939b60196

https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/cbs_h266_syntax_template.c#L2048

https://gist.github.com/1047524396/a7e9273e12553775826784035333cdd8

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/ (FEDORA-2024-92780a83f9) vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/ (FEDORA-2024-55e7e839f1) vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/ (FEDORA-2024-3a548f46a8) vendor-advisory

cve.org CVE-2024-31581

nvd.nist.gov CVE-2024-31581

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-31581
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
© Copyright 2024 THREATINT. Made in Cyprus with +