CVE-2024-36615

Published: Nov 29, 2024

Modified: Dec 3, 2024

PUBLISHED

Description

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/ffmpeg/ffmpeg/commit/0ba058579f332b3060d8470a04ddd3fbf305be61

https://github.com/FFmpeg/FFmpeg/blob/n7.0/libavcodec/vp9.c#L1738

https://gist.github.com/1047524396/c44e5eaafa8f408eea0c9411205990fb

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-36615

Description

Affected Products

References