3Pvd

Researcher from Google
#28322 of 53,622
9 Total CVSS
Vulnerabilities · 1
PT-2022-7203
9
2022-07-27
FFmpeg · Ffmpeg · CVE-2022-2566
**Name of the Vulnerable Software and Affected Versions**

FFmpeg versions 5.1 and later

**Description**

A heap out-of-bounds memory write exists in the `build_open_gop_key_points()` function due to an integer overflow. This occurs when the size calculation adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`, potentially resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file.

**Recommendations**

For FFmpeg versions 5.1 and later, upgrade past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 to resolve the issue. As a temporary workaround, consider restricting access to malicious mp4 files to minimize the risk of exploitation.
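The size calculation described above can be modelled in a few lines. This is an added example, not FFmpeg's code or its fix: `struct entry`, `sample` and the three functions are hypothetical, and a 32-bit counter and 32-bit per-entry counts are assumed. It compares the wrapped total that would reach the allocator with the number of elements actually needed, and shows a checked accumulation that rejects the input instead.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a table entry whose count comes from the file. */
struct entry { uint32_t count; };

/* Constructed sample: two counts whose sum does not fit in 32 bits. */
static const struct entry sample[] = { {0x80000000u}, {0x80000004u} };

/* Unchecked pattern: the running total silently wraps modulo 2^32. */
static uint32_t total_unchecked(const struct entry *e, size_t n)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += e[i].count;
    return total;
}

/* True element count, summed in 64 bits (assumption: the code that later
 * fills the buffer writes one element per counted sample). */
static uint64_t elements_needed(const struct entry *e, size_t n)
{
    uint64_t need = 0;
    for (size_t i = 0; i < n; i++)
        need += e[i].count;
    return need;
}

/* Hardened pattern: refuse the input before the total can wrap.
 * Returns 0 and stores the total on success, -1 on overflow. */
static int total_checked(const struct entry *e, size_t n, uint32_t *out)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (e[i].count > UINT32_MAX - total)
            return -1;              /* caller treats the file as invalid */
        total += e[i].count;
    }
    *out = total;
    return 0;
}

int main(void)
{
    uint32_t out = 0;
    printf("wrapped total:   %u\n", (unsigned)total_unchecked(sample, 2));
    printf("elements needed: %llu\n", (unsigned long long)elements_needed(sample, 2));
    printf("checked result:  %d\n", total_checked(sample, 2, &out));
    return 0;
}
```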