PT-2019-6453 · FFmpeg+2 · Ffmpeg+2

Publicado

2019-09-11

Atualizado

2021-06-07

CVE-2020-22056

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2

Description A Denial of Service issue exists due to a memory leak in the config input function in af acrossover.c. This is caused by incorrect memory deallocation before removing the last reference. Exploitation of this issue can allow a remote attacker to cause a denial of service.

Recommendations For FFmpeg version 4.2, consider disabling the config input function in af acrossover.c as a temporary workaround until a patch is available. Restrict access to the af acrossover.c component to minimize the risk of exploitation. Avoid using the config input function until the issue is resolved.

Exploit

Correção

DoS

Memory Leak

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-401

Identificadores relacionados

ALT-PU-2019-2678

BDU:2024-09040

CVE-2020-22056

Produtos afetados

Alt Linux

Astra Linux

Ffmpeg

PT-2019-6453 · FFmpeg+2 · Ffmpeg+2

CVE-2020-22056

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 142