Unrated severityNVD Advisory· Published Nov 29, 2024· Updated Nov 29, 2024

CVE-2024-36619

Description

FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

FFmpeg/Ffmpegcpe-rescue2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: = n6.1.1
osv-coords
pkg:rpm/opensuse/ffmpeg-7&distro=openSUSE%20Tumbleweed
Range: < 7.1.1-4.1

Patches

Vulnerability mechanics

References

gist.github.com/1047524396/fad68e8251f4e34a1bb838de697d5119mitre
github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavcodec/wavarc.cmitre
github.com/ffmpeg/ffmpeg/commit/28c7094b25b689185155a6833caf2747b94774a4mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000