PT-2023-9660 · FFmpeg+4 · Ffmpeg+4

Zeng Yunxiang · Published 2023-12-29 · Updated 2025-06-03 · CVE-2024-31585

CVSS v3.1: 5.3 (Medium)

Vector: AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

FFmpeg versions n5.1 to n6.1

Description

An off-by-one error in the libavfilter/avf_showspectrum.c component of the FFmpeg library allows attackers to cause a Denial of Service (DoS) via a crafted input.

Recommendations

For FFmpeg versions n5.1 to n6.1, consider disabling the libavfilter/avf_showspectrum.c component until a patch is available to prevent potential Denial of Service (DoS) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Weakness Enumeration

Related Identifiers

BDU:2024-09447
CVE-2024-31585
DSA-5712-1
MGASA-2024-0248
OESA-2024-2155
OESA-2024-2202
OESA-2024-2204
OESA-2024-2205
OPENSUSE-SU-2024:13888-1
USN-6803-1

Affected Products

Astra Linux
Ffmpeg
Linuxmint
Red Os
Ubuntu