FFmpeg libavcodec/g2meet.c g2m_decode_frame null pointer dereference
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 3.0 | $0-$5k | 0.00 |
Summary
A vulnerability categorized as problematic has been discovered in FFmpeg. Affected by this vulnerability is the function g2m_decode_frame of the file libavcodec/g2meet.c. The manipulation results in null pointer dereference.
There is no available exploit.
It is advisable to implement a patch to correct this issue.
Details
A vulnerability classified as problematic has been found in FFmpeg (Multimedia Processing Software) (affected version unknown). Affected is the function g2m_decode_frame of the file libavcodec/g2meet.c. The manipulation with an unknown input leads to a null pointer dereference vulnerability. CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. This is going to have an impact on availability.
The weakness was presented 06/09/2013 by Mateusz Jurczyk and Gynvael Coldwind as avcodec/g2meet: check framebuf has been allocated before use as confirmed git commit (GIT Repository). The advisory is shared for download at git.videolan.org. The public release was coordinated in cooperation with the vendor. The exploitability is told to be difficult. The attack can only be done within the local network. The exploitation doesn't require any form of authentication. There are known technical details, but no exploit is available.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.videolan.org. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at OSVDB (94131†) and Secunia (SA53766†). See VDB-9107, VDB-9109, VDB-9129 and VDB-9130 for similar entries. Once again VulDB remains the best source for vulnerability data.
Affected
- FFmpeg
- Libav
Product
Type
Name
License
Website
- Product: https://ffmpeg.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 3.1VulDB Meta Temp Score: 3.0
VulDB Base Score: 3.1
VulDB Temp Score: 3.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Null pointer dereferenceCWE: CWE-476 / CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Partially
Availability: 🔍
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: git.videolan.org
Timeline
06/09/2013 🔍06/09/2013 🔍
06/12/2013 🔍
06/19/2013 🔍
05/06/2018 🔍
Sources
Product: ffmpeg.orgAdvisory: avcodec/g2meet: check framebuf has been allocated before use
Researcher: Mateusz Jurczyk, Gynvael Coldwind
Status: Confirmed
Coordinated: 🔍
GCVE (VulDB): GCVE-100-9108
Secunia: 53766 - FFmpeg Multiple Vulnerabilities, Moderately Critical
OSVDB: 94131
See also: 🔍
Entry
Created: 06/12/2013 12:46Updated: 05/06/2018 11:33
Changes: 06/12/2013 12:46 (51), 05/06/2018 11:33 (1)
Complete: 🔍
Committer:
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.