CVE-2017-1000460 — NULL Pointer Dereference in Ffmpeg

CWE-476 — NULL Pointer Dereference4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 55.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ffmpeg Debian Ffmpeg Google Chrome +1 more

Timeline

PublishedJan 3

Latest updateMay 14

Description

In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages5 packages

▶debiandebian/ffmpeg< ffmpeg 7:3.1.1-1 (bookworm)

▶Debianffmpeg/ffmpeg< 7:3.1.1-1+3

▶NVDlibav/libav13_dev0

▶NVDffmpeg/ffmpeg3.4

▶NVDgoogle/chrome56.0.2924

Patches

Patch: chromium.googlesource.com ↗Patch: lists.ffmpeg.org ↗Patch: chromium.googlesource.com ↗

🔴Vulnerability Details

GHSA

GHSA-m7gw-r3vf-gf9w: In line libavcodec/h264dec↗2022-05-14

▶

OSV

CVE-2017-1000460: In line libavcodec/h264dec↗2018-01-03

▶

📋Vendor Advisories

Debian

CVE-2017-1000460: ffmpeg - In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 p...↗2017

▶