PT-2022-7203 · FFmpeg · Ffmpeg

3Pvd

Published

2022-07-27

Updated

2024-06-15

CVE-2022-2566

CVSS v3.1

9.0

Critical

Vector

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FFMPEG versions 5.1 and later

Description A heap out-of-bounds memory write exists in the build open gop key points() function due to an integer overflow. This occurs when the size calculation adds sc->ctts data[i].count to sc->sample offsets count, potentially resulting in a small allocation with av calloc(). An attacker can cause remote code execution via a malicious mp4 file.

Recommendations For FFMPEG versions 5.1 and later, upgrade past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 to resolve the issue. As a temporary workaround, consider restricting access to malicious mp4 files to minimize the risk of exploitation.

Fix

Integer Overflow

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-122

Related Identifiers

BDU:2023-09086

CVE-2022-2566

OPENSUSE-SU-2024:12332-1

Affected Products

Ffmpeg

PT-2022-7203 · FFmpeg · Ffmpeg

CVE-2022-2566

Weakness Enumeration

Related Identifiers

Affected Products

References · 17