PT-2019-6402 · FFmpeg+4 · Ffmpeg+4

Publicado

2019-08-26

·

Atualizado

2022-06-13

·

CVE-2020-20451

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2
Description The issue is related to a component of the FFmpeg multimedia library, specifically fftools/cmdutils.c, which is associated with incorrect memory deallocation before removing the last reference. This allows a remote attacker to cause a denial of service. The problem stems from resource management errors.
Recommendations For FFmpeg version 4.2, consider applying configuration changes or workarounds to minimize the risk of exploitation, such as restricting access to resources that could be affected by the denial of service issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401

Identificadores relacionados

ALT-PU-2019-2678
BDU:2023-07816
CVE-2020-20451
DLA-2818-1
OPENSUSE-SU-2021:2322-1
OPENSUSE-SU-2021_2322-1
SUSE-SU-2021:2322-1
SUSE-SU-2021:2929-1
USN-5167-1

Produtos afetados

Alt Linux
Astra Linux
Ffmpeg
Suse
Ubuntu