CVE-2024-31581

Name of the Vulnerable Software and Affected Versions: FFmpeg version n6.1

Description: The issue is related to an improper validation of array index in the libavcodec/cbs h266 syntax template.c file of the FFmpeg library. This allows attackers to cause undefined behavior within the application. Exploitation of the vulnerability may enable a remote attacker to execute arbitrary code.

Recommendations: For FFmpeg version n6.1, consider disabling the functionality related to the libavcodec/cbs h266 syntax template.c file until a patch is available. Restrict access to the vulnerable library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.