CVE-2023-49501

Name of the Vulnerable Software and Affected Versions: Ffmpeg versions v.n6.1-3-g466799d4f5

Description: The issue is related to a buffer overflow vulnerability in the config eq output function, located in the libavfilter/asrc afirsrc.c component. This vulnerability allows a local attacker to execute arbitrary code. The exploitation of this issue can enable an attacker to run arbitrary code, potentially leading to system compromise.

Recommendations: For Ffmpeg version v.n6.1-3-g466799d4f5, consider disabling the config eq output function in the libavfilter/asrc afirsrc.c component as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.