libav DSS File Demuxer avconv.c main double free

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

双重释放

libav 资源管理错误漏洞

Libav是Libav团队的一套跨平台的可对音频和视频进行录制、转换的解决方案，它包含了一个libavcodec编码器。 libav 12.3及之前版本存在资源管理错误漏洞，该漏洞源于组件DSS File Demuxer中文件/avtools/avconv.c的函数main存在双重释放。

N/A

N/A