CVE-2023-51796

LOW

Ffmpeg <N113007-g8d24a28d06 - Buffer Overflow

Title source: llm

Description

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

References (7)

Core 7

Core References

Product

https://ffmpeg.org/

Issue Tracking

https://trac.ffmpeg.org/ticket/10753

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Mailing List

https://lists.fedoraproject.org/archives/list/[email protected]/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Scores

CVSS v3 3.6

EPSS 0.0003

EPSS Percentile 7.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (15)

fedoraproject/fedora 38

fedoraproject/fedora 39

fedoraproject/fedora 40

ffmpeg/ffmpeg 7.0

ffmpeg/ffmpeg 7.0.1

ffmpeg/ffmpeg 7.0.2

ffmpeg/ffmpeg 7.0.3

ffmpeg/ffmpeg 7.1 (2 CPE variants)

ffmpeg/ffmpeg 7.1.1

ffmpeg/ffmpeg 7.1.2

... and 5 more

Published Apr 19, 2024

Tracked Since Feb 18, 2026