First published: Fri Sep 23 2022
A heap out-of-bounds memory write exists in FFmpeg since version 5.1. The size calculation in `build_open_gop_key_points()` loops over all entries and adds each `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This sum can overflow, resulting in a too-small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05.
Credit: cve-coordination@google.com
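The bug class described above, shown as an added example that is not FFmpeg's code: a running total of per-entry counts that wraps, next to a version that rejects the input before it can wrap. `struct entry` and all function names are hypothetical, and the total is a `uint32_t` here so that the wraparound is well defined in C.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a ctts-style entry: `count` samples share `offset`. */
struct entry { uint32_t count; int32_t offset; };

/* Vulnerable pattern: the total wraps modulo 2^32, so a buffer sized
 * from it can be far smaller than the data later written into it. */
uint32_t total_unchecked(const struct entry *e, size_t n)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += e[i].count;                    /* silent wraparound */
    return total;
}

/* Hardened pattern: refuse the input before the addition can wrap. */
int total_checked(const struct entry *e, size_t n, uint32_t *out)
{
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        if (e[i].count > (uint32_t)INT32_MAX - total)
            return -1;
        total += e[i].count;
    }
    *out = total;
    return 0;
}

/* Expand entries to one offset per sample; NULL on overflow or OOM. */
int32_t *expand_offsets(const struct entry *e, size_t n, uint32_t *out_count)
{
    uint32_t total, pos = 0;
    if (total_checked(e, n, &total) != 0)
        return NULL;
    int32_t *buf = calloc(total ? total : 1, sizeof(*buf));
    if (!buf) return NULL;
    for (size_t i = 0; i < n; i++)
        for (uint32_t j = 0; j < e[i].count; j++)
            buf[pos++] = e[i].offset;           /* pos < total holds after the check */
    *out_count = total;
    return buf;
}

int main(void)
{
    /* Constructed input: the counts sum to 2^32 + 4. */
    struct entry bad[] = { {0x80000000u, 1}, {0x80000000u, 2}, {4, 3} };
    uint32_t n = 0;
    printf("unchecked=%u checked_rc=%d\n", (unsigned)total_unchecked(bad, 3), total_checked(bad, 3, &n));
    return 0;
}
```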
Affected Software | Affected Version | How to fix |
---|---|---|
FFmpeg FFmpeg | =5.1 | |
The vulnerability ID for this FFmpeg vulnerability is CVE-2022-2566.
The severity of CVE-2022-2566 is critical with a CVSS score of 7.8.
FFmpeg version 5.1 is affected by CVE-2022-2566.
CVE-2022-2566 can lead to an integer overflow resulting in a small allocation with potential for code execution, denial of service, or information disclosure.
Yes, a fix is available for CVE-2022-2566. It is recommended to update to a fixed version of FFmpeg.