Primary

Context

libming Memory Leak Vulnerability in SWF Filter List Parsing Function

Vulnerability

A memory leak vulnerability has been identified in libming version 0.4.8, specifically within the parseSWF_FILTERLIST function in util/parser.c. This vulnerability allows attackers to cause a denial-of-service by exploiting the memory leak created when the function processes SWF files containing filter lists. The function allocates memory for the filters but does not release it, leading to increased memory usage and potential exhaustion of resources.

Impact

Exploitation of this vulnerability causes a memory leak, where allocated memory is not properly freed, leading to increased memory consumption and potential denial-of-service conditions.

Reproduction

The vulnerability can be reproduced by using the libming library version 0.4.8 and processing a crafted SWF file that includes filter lists. The memory leak can be detected using tools like AddressSanitizer, which will report the leaked memory allocation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

6.0

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libming Memory Leak Vulnerability in SWF Filter List Parsing Function

Vulnerability

Impact

Reproduction

Affected Products

libming

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating