Vulnerability Description
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ffmpeg | Ffmpeg | 6.1 |
| Fedoraproject | Fedora | 38 |
Related Weaknesses (CWE)
References
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://trac.ffmpeg.org/ticket/10691ExploitIssue TrackingVendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproThird Party Advisory
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://lists.fedoraproject.org/archives/list/[email protected]
- https://trac.ffmpeg.org/ticket/10691ExploitIssue TrackingVendor Advisory
FAQ
What is CVE-2023-49528?
CVE-2023-49528 is a vulnerability with a CVSS score of 8.0 (HIGH). Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_st...
How severe is CVE-2023-49528?
CVE-2023-49528 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-49528?
Check the references section above for vendor advisories and patch information. Affected products include: Ffmpeg Ffmpeg, Fedoraproject Fedora.