Heap-memory write in FFMPEG
CVE-2022-2566

9CRITICAL

Key Information:

Vendor: Ffmpeg
Status: Ffmpeg
Vendor: CVE Published:; 23 September 2022

What is CVE-2022-2566?

A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in build_open_gop_key_points() goes through all entries in the loop and adds sc->ctts_data[i].count to sc->sample_offsets_count. This can lead to an integer overflow resulting in a small allocation with av_calloc(). An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05

Affected Version(s)

FFMPEG 5.1

FFMPEG ab77b878f1205225c6de1370fb0e998dbcc8bc69

FFMPEG < unspecified

References

https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2022
Vulnerability Reserved
Jul 28, 2022

Ffmpeg

What is CVE-2022-2566?

Affected Version(s)

References

CVSS V3.1

Timeline