PT-2025-3933 · FFmpeg+6 · Ffmpeg+6

Simcha Kosman · Published 2025-01-16 · Updated 2025-08-25 · CVE-2025-0518

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: FFmpeg version 7.1

Description: The issue is an Unchecked Return Value and Out-of-bounds Read vulnerability that allows reading sensitive constants within an executable. This vulnerability is associated with program files, specifically the af_pan.c file in the libavfilter directory. The issue was discovered by Simcha Kosman.

Recommendations: For FFmpeg version 7.1, update to a version that includes the fix committed at https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a to resolve the issue. As a temporary workaround, consider restricting access to sensitive constants within the executable until the update is applied.

Fix

Unchecked Return Value

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2025-06052
CVE-2025-0518
DLA-4073-1
DSA-5985-1
MGASA-2025-0085
OPENSUSE-SU-2025:14833-1
OPENSUSE-SU-2025:14834-1
OPENSUSE-SU-2025:15010-1
OPENSUSE-SU-2025_0862-1
OPENSUSE-SU-2025_1128-1
OPENSUSE-SU-2025_1450-1
OPENSUSE-SU-2026:20710-1
SUSE-SU-2025:0862-1
SUSE-SU-2025:1128-1
SUSE-SU-2025:1450-1
USN-7538-1

Affected Products

Astra Linux
Debian
Ffmpeg
Linuxmint
Red Os
Suse
Ubuntu