AttackFeed by Joe Wagner | FFmpeg 7.0+ Type Confusion in FFmpeg Function Pointer Calls (libavformat/utils.c)  - Full Disclosure

FFmpeg 7.0+ Type Confusion in FFmpeg Function Pointer Calls (libavformat/utils.c)  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Ron E on Sep 08

FFmpeg invokes function pointers through incorrect type casting, leading to
type confusion. UndefinedBehaviorSanitizer logs mismatched signatures in
utils.c:528. Crafted inputs can cause UB, misaligned function dispatch, and
possible arbitrary code execution depending on platform ABI. (FFmpeg 7.0 –
8.0)

*Impact:*

DoS in normal builds.

Potential information disclosure or RCE under certain
compilers/architectures.

*Proof…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a  – Full Disclosure
October 18, 2025
Alert Feeds
KL-001-2025-013: Xorux XorMon-NG Web Application Privilege Escalation to Administrator  – Full Disclosure
July 28, 2025
Alert Feeds
[SYSS-2025-015]: Verbatim Keypad Secure (security update v1.0.0.6) – Offline brute-force attack  – Full Disclosure
October 21, 2025
Alert Feeds
Re: [oss-security] runc container breakouts via procfs writes: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881  – Full Disclosure
November 7, 2025
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.