FFmpeg Null Pointer Dereference Vulnerability in IAMF Header Processing

Vulnerability

A null pointer dereference vulnerability has been identified in FFmpeg version 7.1. The issue arises in the function 'iamf_read_header' within the IAMF decoder module, specifically in 'libavformat/iamfdec.c'. This vulnerability could potentially be exploited to cause a crash or unexpected behavior in the application.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, which can cause a crash or undefined behavior in the application.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FFmpeg Null Pointer Dereference Vulnerability in IAMF Header Processing

Vulnerability

Impact

Affected Products

ffmpeg

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating