CVE-2020-22038

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2

Description The issue is related to a memory leak in the ff v4l2 m2m create context function in v4l2 m2m.c of the FFmpeg multimedia library. This leak occurs due to incorrect memory deallocation before the removal of the last reference. Exploitation of this issue can allow a remote attacker to cause a denial of service.

Recommendations For FFmpeg version 4.2, consider disabling the ff v4l2 m2m create context function as a temporary workaround until a patch is available. Restrict access to the v4l2 m2m.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALT-PU-2019-2678

BDU:2024-09042

CLEANSTART-2026-EZ98723

CLEANSTART-2026-PS82605

CLEANSTART-2026-XE32069

CVE-2020-22038

MGASA-2021-0495

OESA-2025-1771

OESA-2025-1772

OESA-2025-1773

OPENSUSE-SU-2021:2322-1

OPENSUSE-SU-2021_2322-1

SUSE-SU-2021:2322-1

SUSE-SU-2021:2929-1

USN-6449-1

USN-6449-2

Affected Products

Alt Linux

Astra Linux

Debian

Ffmpeg

Linuxmint

Suse

Ubuntu

CVE-2020-22038

Weakness Enumeration

Related Identifiers

Affected Products

References · 241