CVE-2025-8584

Sažetak

A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://drive.google.com/file/d/1OwDNHuTbZFNTDX9afmvez_old3oRC7dM/view?usp=sharing
https://trac.ffmpeg.org/ticket/11679
https://vuldb.com/?ctiid.318817
https://vuldb.com/?id.318817
https://vuldb.com/?submit.621824
https://trac.ffmpeg.org/ticket/11679

CVSS

Base:	1.7
Impact:	2.9
Exploitability:	3.1

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

05-08-2025 - 21:06

Objavljeno

05-08-2025 - 17:15