CVE-2024-36618 Information

Description

FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow potentially resulting in a denial-of-service (DoS) condition.

Reference

https://gist.github.com/1047524396/a148f3679415a6da53ca112eb2ba1523 https://github.com/FFmpeg/FFmpeg/blob/n6.1.1/libavformat/avidec.c#L1699 https://github.com/ffmpeg/ffmpeg/commit/7a089ed8e049e3bfcb22de1250b86f2106060857