CVE-2026-6385

MEDIUM

Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser

Title source: cna

Description

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds checks, leading to a heap out-of-bounds write. Successful exploitation can result in a denial of service (DoS) due to an application crash, and potentially lead to arbitrary code execution.

References (2)

[Vdb Entry, X_Refsource_Redhat] https://access.redhat.com/security/cve/CVE-2026-6385

[Issue Tracking, X_Refsource_Redhat] https://bugzilla.redhat.com/show_bug.cgi?id=2458764

Scores

CVSS v3 6.5

EPSS 0.0007

EPSS Percentile 21.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-190

Status published

Products (4)

Red Hat/Lightspeed Core

Red Hat/Red Hat AI Inference Server

Red Hat/Red Hat Enterprise Linux AI (RHEL AI) 3

Red Hat/Red Hat OpenShift AI (RHOAI)

Published Apr 15, 2026

Tracked Since Apr 16, 2026