First published: Sun Jun 07 2020(Updated: )
FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
FFmpeg FFmpeg | =2.8 | |
FFmpeg FFmpeg | =4.2.3 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =20.04 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
debian/ffmpeg | 7:4.3.7-0+deb11u1 7:4.3.8-0+deb11u1 7:5.1.6-0+deb12u1 7:7.1-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-13904 is a vulnerability in FFmpeg 2.8 and 4.2.3 that allows for a use-after-free attack via a crafted EXTINF duration in an m3u8 file.
CVE-2020-13904 has a severity score of 5.5, which is considered medium.
FFmpeg versions 2.8 and 4.2.3 are affected by CVE-2020-13904.
To fix CVE-2020-13904, update to FFmpeg version 4.2.4-1ubuntu0.1 or later.
More information about CVE-2020-13904 can be found at the following references: [Link 1](https://patchwork.ffmpeg.org/project/ffmpeg/patch/20200529033905.41926-1-lq@chinaffmpeg.org/), [Link 2](https://trac.ffmpeg.org/ticket/8673), [Link 3](https://www.debian.org/security/2020/dsa-4722).