CVE-2017-18247

Name of the Vulnerable Software and Affected Versions: Libav version 12.2

Description: The issue allows remote attackers to cause a denial of service, specifically a NULL pointer dereference, by providing a crafted media file. This is related to the av audio fifo size function in libavutil/audio fifo.c.

Recommendations: For Libav version 12.2, consider avoiding the use of the av audio fifo size function until a patch is available. As a temporary workaround, restrict the processing of crafted media files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.