CVE-2025-69693 — Out-of-bounds Read in Ffmpeg

CWE-125 — Out-of-bounds Read10 documents7 sources

Severity

5.4MEDIUMNVD

EPSS

0.0%

top 96.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ffmpeg Debian Ffmpeg

Timeline

PublishedMar 16

Description

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper bound validation. The qp value can reach 65 (base value 63 from 6-bit frame header + offset +2 from read_qp_offset) while the rv60_qp_to_idx array has size 64 (valid indices 0-63). This results in out-of-bounds array access at lines 1554 (decode_cbp8), 1655 (decode_cbp16), and 1419/1421 (get_c4x4_se…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages3 packages

▶debiandebian/ffmpeg< ffmpeg 7:8.1-1 (forky)

▶Debianffmpeg/ffmpeg< 7:8.1-1

▶NVDffmpeg/ffmpeg8.0, 8.0.1+1

Patches

Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2025-69693: Out-of-bounds read in FFmpeg 8↗2026-03-16

▶

GHSA

GHSA-h8p2-x23p-rfv3: Out-of-bounds read in FFmpeg 8↗2026-03-16

▶

CVEList

CVE-2025-69693: Out-of-bounds read in FFmpeg 8↗2026-03-16

▶

📋Vendor Advisories

Red Hat

FFmpeg: out-of-bounds read in RV60 video decoder↗2026-03-16

▶

Debian

CVE-2025-69693: ffmpeg - Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60de...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-12343 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-63757 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-69693 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

Wiz

CVE-2025-10256 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶