CVE-2021-25804

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions VLC Media Player version 3.0.11

Description The issue is related to a NULL-pointer dereference in the Open function within the avi.c file of the VLC Media Player. This can cause a denial of service (DOS) in the application, allowing a remote attacker to disrupt service.

Recommendations For version 3.0.11, consider disabling the Open function in avi.c as a temporary workaround until a patch is available. Restrict access to the avi.c component to minimize the risk of exploitation. Avoid using the Open function in the affected avi.c file until the issue is resolved.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2020-2503

ALT-PU-2020-3056

BDU:2022-02233

CVE-2021-25804

DLA-2728-1

DSA-4834-1

USN-6180-1

Affected Products

Alt Linux

Linuxmint

Ubuntu

Vlc Media Player

CVE-2021-25804

Weakness Enumeration

Related Identifiers

Affected Products

References · 21