A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2157054 | Issue Tracking Patch Third Party Advisory |
https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/06/msg00016.html |
Configurations
History
13 Jun 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jan 2023, 20:08
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:* | |
CWE | CWE-476 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2157054 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e - Patch, Third Party Advisory | |
First Time |
Ffmpeg ffmpeg
Ffmpeg |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
12 Jan 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-12 15:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-3341
Mitre link : CVE-2022-3341
CVE.ORG link : CVE-2022-3341
JSON object : View
Products Affected
ffmpeg
- ffmpeg
CWE
CWE-476
NULL Pointer Dereference