PT-2021-4510 · FFmpeg+4 · Ffmpeg+4

Published

2019-09-11

Updated

2022-06-08

CVE-2020-22030

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FFmpeg version 4.2

Description A heap-based Buffer Overflow issue exists in the crossfade samples fltp function of the libavfilter/af afade.c component, potentially leading to memory corruption. This could allow a remote attacker to impact the integrity, availability, and confidentiality of information.

Recommendations For FFmpeg version 4.2, consider disabling the crossfade samples fltp function as a temporary workaround until a patch is available. Restrict access to the libavfilter/af afade.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2019-2678

BDU:2021-05148

CVE-2020-22030

DSA-4990-1

USN-5472-1

Affected Products

Alt Linux

Astra Linux

Ffmpeg

Linuxmint

Ubuntu

PT-2021-4510 · FFmpeg+4 · Ffmpeg+4

CVE-2020-22030

Weakness Enumeration

Related Identifiers

Affected Products

References · 52