Libav Null Pointer Dereference Vulnerability in MPEG File Parser

Vulnerability

A null pointer dereference vulnerability has been identified in Libav versions through 12.3, in the MPEG file parser component. The flaw is in the 'ff_seek_frame_binary' function in 'libavformat/utils.c'. When the parser processes a malformed MPEG file, the function can access a null 'index_entries' array, which causes a segmentation fault. The vulnerability can be exploited locally, and a proof-of-concept exploit is publicly available.
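The bug class described above, as an added example that is not Libav's code: a simplified model of a timestamp seek over a per-stream index, with the unguarded lookup beside a guarded one. The type names, function names and error constant are hypothetical, and the sample index is constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified stand-ins for a demuxer's per-stream seek index. */
typedef struct { int64_t timestamp, pos; } IndexEntry;
typedef struct {
    IndexEntry *index_entries;   /* NULL when parsing produced no index */
    int nb_index_entries;
} Stream;

#define SEEK_ERR_NO_INDEX (-1)

/* Binary search: largest i with e[i].timestamp <= ts, or -1 if none. */
static int search_timestamp(const IndexEntry *e, int n, int64_t ts)
{
    int lo = -1, hi = n;
    while (hi - lo > 1) {
        int mid = lo + (hi - lo) / 2;
        if (e[mid].timestamp <= ts) lo = mid; else hi = mid;
    }
    return lo;
}

/* Unguarded pattern: assumes the index exists. Not called below. */
int64_t seek_pos_unchecked(const Stream *st, int64_t ts)
{
    int i = search_timestamp(st->index_entries, st->nb_index_entries, ts);
    return st->index_entries[i].pos;  /* NULL array or i == -1: invalid read */
}

/* Guarded pattern: reject a missing or empty index before touching it. */
int64_t seek_pos_checked(const Stream *st, int64_t ts)
{
    int i;
    if (!st || !st->index_entries || st->nb_index_entries <= 0)
        return SEEK_ERR_NO_INDEX;
    i = search_timestamp(st->index_entries, st->nb_index_entries, ts);
    return i < 0 ? SEEK_ERR_NO_INDEX : st->index_entries[i].pos;
}

int main(void)
{
    IndexEntry e[] = { {0, 100}, {40, 900}, {80, 1700} };  /* constructed */
    Stream ok = { e, 3 }, no_index = { NULL, 0 };
    printf("%lld %lld\n", (long long)seek_pos_checked(&ok, 50),
           (long long)seek_pos_checked(&no_index, 50));
    return 0;
}
```

The guarded form turns a stream with no usable index into an error return that the caller can handle, instead of a crash.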

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the application.

Reproduction

The vulnerability can be reproduced using 'avconv', a Libav command-line tool. After compiling Libav with specific flags to disable shared libraries and inline assembly, the tool can be run with the '-ss' option to seek to a specific timestamp in a malformed MPEG file. This file, which is available as part of the VulDB entry, triggers the null pointer dereference when processed, causing 'avconv' to crash.

Added: Aug 5, 2025, 6:18 PM
Updated: Aug 5, 2025, 6:18 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.