CVE-2018-6912

CVE-2018-6912

EPSS 1.5%

The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed https://security.gentoo.org/glsa/202003-65