CVE-2024-35367

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-35367

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35367.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-35367

Downstream

DEBIAN-CVE-2024-35367

DLA-4039-1

DSA-5985-1

JLSEC-2025-141

OESA-2024-2498

UBUNTU-CVE-2024-35367

USN-7823-1

Related

MGASA-2025-0306

Published

2024-11-29T20:15:19.957Z

Modified

2026-02-06T05:14:04.826230Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dspaltivec.c, static const vecs8 hsubpelfilters_outer

References

Affected packages

Git / git.ffmpeg.org/ffmpeg.git

Affected ranges

Type: GIT
Repo: https://git.ffmpeg.org/ffmpeg.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35367.json"

Git / github.com/ffmpeg/ffmpeg

Affected ranges

Type: GIT
Repo: https://github.com/ffmpeg/ffmpeg
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

09e6840cf7a3ee07a73c3ae88a020bf27ca1a667

Affected versions

Other

n0.*

n0.11-dev

n0.12-dev

n0.8

n1.*

n1.1-dev

n1.2-dev

n1.3-dev

n2.*

n2.0

n2.1-dev

n2.2-dev

n2.3-dev

n2.4-dev

n2.5-dev

n2.6-dev

n2.7-dev

n2.8-dev

n2.9-dev

n3.*

n3.1-dev

n3.2-dev

n3.3-dev

n3.4-dev

n3.5-dev

n4.*

n4.1-dev

n4.2-dev

n4.3-dev

n4.4-dev

n4.5-dev

n5.*

n5.1-dev

n5.2-dev

n6.*

n6.1-dev

n6.2-dev

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667",
        "id": "CVE-2024-35367-c4b3386b",
        "target": {
            "file": "libavcodec/ppc/vp8dsp_altivec.c"
        },
        "digest": {
            "line_hashes": [
                "259682988878454667576291958303939437277",
                "87725150107444232064691751296083860129",
                "47801605215104722417934347282991685932",
                "56199130851314056760859228870033957063",
                "154416232782993774866476439310983209319",
                "231441259298073948442436018781409406101",
                "155634294720639576414559575904349507251",
                "176004891651533147430633976079474171445"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-35367.json"