CVE-2023-50010

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FFmpeg versions v.n6.1-3-g466799d4f5

Description The issue is related to a buffer overflow vulnerability in the set encoder id function, located in the /fftools/ffmpeg enc.c component. This vulnerability can be exploited by an attacker to execute arbitrary code, potentially allowing for remote code execution with specially crafted data.

Recommendations For FFmpeg version v.n6.1-3-g466799d4f5, consider disabling the set encoder id function as a temporary workaround until a patch is available. Restrict access to the /fftools/ffmpeg enc.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-120

Related Identifiers

BDU:2024-04849

CVE-2023-50010

DSA-5712-1

DSA-5721-1

MGASA-2024-0248

OESA-2024-1804

OESA-2024-1806

OESA-2024-1807

OESA-2024-1808

OPENSUSE-SU-2024:13934-1

OPENSUSE-SU-2024:13940-1

OPENSUSE-SU-2024_1592-1

OPENSUSE-SU-2024_1593-1

OPENSUSE-SU-2025:14974-1

OPENSUSE-SU-2025:15012-1

OPENSUSE-SU-2025_0862-1

OPENSUSE-SU-2026:20710-1

SUSE-SU-2024:1592-1

SUSE-SU-2024:1593-1

SUSE-SU-2024_1592-1

SUSE-SU-2024_1593-1

SUSE-SU-2025:0862-1

USN-6803-1

Affected Products

Astra Linux

Ffmpeg

Linuxmint

Suse

Ubuntu

CVE-2023-50010

Weakness Enumeration

Related Identifiers

Affected Products

References · 115