Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Libav 安全漏洞
Vulnerability Description
Libav(前身是FFmpeg)是Libav团队的一套跨平台的可对音频和视频进行录制、转换的解决方案,它包含了一个libavcodec编码器。 Libav 11.11及之前的版本和12.x版本至12.1版本中的libavcodec/smacker.c文件的‘smacker_decode_tree’函数存在安全漏洞,该漏洞源于程序没有正确的限制树递归。远程攻击者可借助特制的Smacker流利用该漏洞造成拒绝服务(‘bitstream.c:build_table()’函数越边界读取和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A