Out-of-bounds read in FFmpeg

#VU32009 Out-of-bounds read in FFmpeg

Published: 2018-07-23 | Updated: 2020-07-28

Vulnerability identifier: #VU32009

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-1999014

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FFmpeg
Universal components / Libraries / Libraries used by multiple products

Vendor: ffmpeg.sourceforge.net

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.

Mitigation
Install update from vendor's website.

Vulnerable software versions

FFmpeg: 0.29

External links
http://www.securityfocus.com/bid/104896
http://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Out-of-bounds read in ffmpeg (Alpine package)

Out-of-bounds read in ffmpeg.sourceforge.net FFmpeg