CVE-2024-31585
MEDIUMFFmpeg 5.1-6.1 - Denial of Service via Off-by-one Error in libavfilter/avf_showspectrum.c
Title source: llmDescription
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
References (12)
Core 12
Core References
Third Party Advisory
https://gist.github.com/1047524396/dc2c64ffe0c3934a6176bcd2c5cf5656
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/
Scores
CVSS v3
5.3
EPSS
0.0028
EPSS Percentile
19.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-193
Status
published
Products (4)
fedoraproject/fedora
38
fedoraproject/fedora
39
fedoraproject/fedora
40
ffmpeg/ffmpeg
5.1 - 7.0
Published
Apr 17, 2024
Tracked Since
Feb 18, 2026