CNNVD-202508-362 Information

CNNVD ID

CNNVD-202508-362

Related CVE

CVE-2025-8586

• CNNVD Published: 2025-08-05

Description (Chinese)

Libav是Libav团队的一套跨平台的可对音频和视频进行录制、转换的解决方案，它包含了一个libavcodec编码器。 libav 12.3及之前版本存在安全漏洞，该漏洞源于组件MPEG File Parser中文件/libavformat/utils.c的函数ff_seek_frame_binary存在空指针取消引用。

Description (English)

Libav is a cross-platform solution for recording and converting audio and video that includes a libavcodec encoder. There is a security loophole in libav 12.3 and previous versions, which stems from the ff seek frame binary of the file/libavformat/utils.c of the component MPEG File Parser, where there is an empty reference.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Libav

Published

2025-08-05

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.318819 https://vuldb.com/?submit.621826 https://drive.google.com/file/d/1CX1GZUyJVzyDDGLVa8FG58XUt_30kHKT/view?usp=sharing https://vuldb.com/?id.318819 https://trac.ffmpeg.org/ticket/11681 https://access.redhat.com/security/cve/cve-2025-8586

Patch

https://trac.ffmpeg.org/ticket/11681