Zeng Yunxiang

**Name of the Vulnerable Software and Affected Versions** FFmpeg version 7.0 **Description** The issue is related to a buffer overflow in the `hevc frame end` function of the FFmpeg library, located in `libavcodec/hevcdec.c`. This can lead to an out-of-bounds operation in memory, potentially allowing an attacker to disclose protected information. The vulnerability is associated with a SEGV at `libavcodec/hevcdec.c:2947:22` in the `hevc frame end` function. **Recommendations** For FFmpeg version 7.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FFmpeg version 7.0 **Description** The issue is related to a heap-buffer-overflow in the `copy column` function of the `libavfilter/vf tiltandshift.c` file in the FFmpeg multimedia library. This can allow an attacker to execute arbitrary code. **Recommendations** For FFmpeg version 7.0, consider disabling the `copy column` function in `libavfilter/vf tiltandshift.c` as a temporary workaround until a patch is available. Restrict access to the vulnerable `libavfilter` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ffmpeg version N113007-g8d24a28d06 **Description** The issue is related to a buffer overflow vulnerability in the libavfilter/af stereowiden.c file of the FFmpeg library. This vulnerability can be exploited by a local attacker to execute arbitrary code. The vulnerability is associated with a heap buffer overflow. **Recommendations** For Ffmpeg version N113007-g8d24a28d06, consider disabling the `libavfilter/af stereowiden.c` file or restricting its use until a patch is available. As a temporary workaround, avoid using the affected function or module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FFmpeg version N113007-g8d24a28d06 Description: The issue is related to incorrect code generation management in the showwaves filter frame component of the FFmpeg multimedia library. Exploitation of this issue may allow an attacker to execute arbitrary code. A buffer overflow vulnerability in FFmpeg allows a local attacker to execute arbitrary code via the libavfilter/avf showwaves.c file, specifically in the showwaves filter frame function at line 722. Recommendations: For FFmpeg version N113007-g8d24a28d06, consider disabling the showwaves filter frame function in the libavfilter/avf showwaves.c file as a temporary workaround until a patch is available. Restrict access to the libavfilter module to minimize the risk of exploitation. Avoid using the showwaves filter frame function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg versions v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow vulnerability in the config eq output function, located in the libavfilter/asrc afirsrc.c component. This vulnerability allows a local attacker to execute arbitrary code. The exploitation of this issue can enable an attacker to run arbitrary code, potentially leading to system compromise. Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the config eq output function in the libavfilter/asrc afirsrc.c component as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version N113007-g8d24a28d06 Description: The issue is related to a buffer overflow vulnerability in the interpolate component of the Ffmpeg library, specifically in the libavfilter/vf minterpolate.c file. This vulnerability is caused by copying a buffer without checking the size of the input data, which can allow an attacker to execute arbitrary code via a floating point exception error. Recommendations: For Ffmpeg version N113007-g8d24a28d06, consider disabling the `interpolate` function in libavfilter/vf minterpolate.c as a temporary workaround until a patch is available. Restrict access to the vulnerable `libavfilter/vf minterpolate.c` module to minimize the risk of exploitation. Avoid using the vulnerable component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version v.n6.1-3-g466799d4f5 Description: The issue is related to a Buffer Overflow in the `av samples set silence` function, located in the `libavutil/samplefmt.c` component of the Ffmpeg library. This allows a local attacker to potentially execute arbitrary code. The vulnerability is associated with a buffer overflow operation that can lead to the disclosure of protected information. Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the `av samples set silence` function as a temporary workaround until a patch is available. Restrict access to the `libavutil/samplefmt.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FFmpeg versions prior to the fixed version Description: The issue is related to a buffer overflow vulnerability in the `ff gaussian blur 8` function, located in `libavfilter/edge template.c`, which can allow a local attacker to execute arbitrary code. This vulnerability is associated with a heap-based buffer overflow. Recommendations: For FFmpeg versions prior to the fixed version, consider disabling the `ff gaussian blur 8` function as a temporary workaround until a patch is available. Restrict access to the `libavfilter/edge template.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version N113007-g8d24a28d06 Description: The issue is related to a buffer overflow in the image copy plane component of the Ffmpeg library, specifically in the libavutil/imgutils.c file. This occurs due to the lack of size checking for input data during the buffer copying process. Exploitation of this issue can allow a local attacker to execute arbitrary code. Recommendations: For Ffmpeg version N113007-g8d24a28d06, consider disabling the image copy plane function in libavutil/imgutils.c as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. Avoid using the affected function in the image processing workflow until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version N113007-g8d24a28d06 Description: The issue is related to a buffer overflow in the areverse request frame component of the libavfilter module in the Ffmpeg library. This occurs due to the lack of size checking for input data during the copying process. An attacker can exploit this to execute arbitrary code. The vulnerability is present in the libavfilter/f reverse.c file at line 269:26. Recommendations: For Ffmpeg version N113007-g8d24a28d06, consider disabling the areverse request frame function in the libavfilter module as a temporary workaround until a patch is available. Restrict access to the libavfilter/f reverse.c module to minimize the risk of exploitation. Avoid using the affected component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow in the `ff bwdif filter intra c` function, located in the `libavfilter/bwdifdsp.c` component. This allows an attacker to execute arbitrary code. The vulnerability is associated with uncontrolled copying of user data, which can be exploited by a remote attacker to achieve code execution. Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the `ff bwdif filter intra c` function as a temporary workaround until a patch is available. Restrict access to the `libavfilter/bwdifdsp.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version N113007-g8d24a28d06 Description: The issue is related to a Buffer Overflow vulnerability in the `libavfilter/avf showspectrum.c` component, specifically in the `showspectrumpic request frame` function. This vulnerability allows a local attacker to execute arbitrary code. The vulnerability is associated with a heap buffer overflow. Recommendations: For Ffmpeg version N113007-g8d24a28d06, consider disabling the `showspectrumpic request frame` function in the `libavfilter/avf showspectrum.c` component as a temporary workaround until a patch is available. Restrict access to the vulnerable `libavfilter` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Ffmpeg version N113007-g8d24a28d06 Description: The issue is related to a buffer overflow in the libavcodec/jpegxl parser.c file, specifically in the `gen alias map` function. This can allow a local attacker to execute arbitrary code, potentially leading to information disclosure. Recommendations: For Ffmpeg version N113007-g8d24a28d06, consider disabling the `gen alias map` function in the libavcodec/jpegxl parser.c file as a temporary workaround until a patch is available. Restrict access to the vulnerable libavcodec/jpegxl parser.c module to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: FFmpeg version n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow in the de stereo component of the FFmpeg library, specifically in the af dialoguenhance.c file. This allows a local attacker to execute arbitrary code and cause a denial of service (DoS). The vulnerability is located at line 261, column 5, in the af dialoguenhance.c file. Recommendations: For FFmpeg version n6.1-3-g466799d4f5, consider disabling the de stereo component until a patch is available to prevent exploitation of the buffer overflow vulnerability. Restrict access to the af dialoguenhance.c module to minimize the risk of arbitrary code execution and denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FFmpeg version 7.0 **Description** The issue is related to the `load input picture` function in the FFmpeg multimedia library, which involves copying a buffer without checking the size of the input data. This can allow an attacker to execute arbitrary code. A negative-size-param bug is present at `libavcodec/mpegvideo enc.c:1216:21` in the `load input picture` function. **Recommendations** For FFmpeg version 7.0, consider disabling the `load input picture` function until a patch is available to prevent potential exploitation. Restrict access to the `libavcodec/mpegvideo enc.c` module to minimize the risk of exploitation. Avoid using the `load input picture` function in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions n5.1 to n6.1 **Description** The issue is related to an Off-by-one Error vulnerability in the libavfilter/avf showspectrum.c component of the FFmpeg library. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. **Recommendations** For FFmpeg versions n5.1 to n6.1, consider disabling the `libavfilter/avf showspectrum.c` component until a patch is available to prevent potential Denial of Service (DoS) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions v.n6.1-3-g466799d4f5 **Description** The issue is related to a buffer overflow vulnerability in the set encoder id function, located in the /fftools/ffmpeg enc.c component. This vulnerability can be exploited by an attacker to execute arbitrary code, potentially allowing for remote code execution with specially crafted data. **Recommendations** For FFmpeg version v.n6.1-3-g466799d4f5, consider disabling the `set encoder id` function as a temporary workaround until a patch is available. Restrict access to the /fftools/ffmpeg enc.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ffmpeg version v.n6.1-3-g466799d4f5 **Description** The issue is related to a buffer overflow in the `av malloc` function, located in the `libavutil/mem.c` component of the Ffmpeg library. This buffer overflow is caused by copying without checking the input data, which can allow an attacker to execute arbitrary code, access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the `av malloc` function in the `libavutil/mem.c` component as a temporary workaround until a patch is available. Restrict access to the `libavutil/mem.c` component to minimize the risk of exploitation. Avoid using the `av malloc` function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** gpac MP4Box version 2.3-DEV-rev573-g201320819-master **Description** The issue is caused by a buffer overflow in the `gf isom get user data()` function, which can be exploited by a local attacker to cause a denial of service. This buffer overflow vulnerability is located in the gpac/src/isomedia/isom read.c file at line 2807:51. **Recommendations** For gpac MP4Box version 2.3-DEV-rev573-g201320819-master, consider disabling the `gf isom get user data()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** tsMuxer version git-2539d07 **Description** The issue is related to an alloc-dealloc-mismatch error, specifically due to the use of operator new [] vs operator delete. This error was discovered in tsMuxer. **Recommendations** For tsMuxer version git-2539d07, as a temporary workaround, consider restricting the use of the affected memory allocation functions until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.