Description
A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.
References
https://cwe.mitre.org/data/definitions/122.html
Third Party Advisory
https://trac.ffmpeg.org/ticket/8246
ExploitIssue TrackingVendor Advisory
https://www.debian.org/security/2021/dsa-4990
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-05-27T19:15:08.213
4 years agoLast modified
2022-10-26T18:00:39.647
2 years ago