FFmpeg n7.0 is affected by a Double Free via the rkmppretrieveframe function within libavcodec/rkmppdec.c.
{ "vanir_signatures": [ { "id": "CVE-2024-35368-0d37a617", "signature_type": "Function", "target": { "file": "libavcodec/rkmppdec.c", "function": "rkmpp_retrieve_frame" }, "signature_version": "v1", "digest": { "length": 4362.0, "function_hash": "274526751357325895500358476660843764889" }, "deprecated": false, "source": "https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c" }, { "id": "CVE-2024-35368-4320a962", "signature_type": "Line", "target": { "file": "libavcodec/rkmppdec.c" }, "signature_version": "v1", "digest": { "line_hashes": [ "306911071130297975795094548653679081151", "131388980745737827558144969647183475005", "255412755299430890258629731802180525726", "339424445463987978222173143330276753779", "234936756053766432194583478289374364462" ], "threshold": 0.9 }, "deprecated": false, "source": "https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c" } ] }