FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior.
[ { "source": "https://github.com/ffmpeg/ffmpeg/commit/50d8e4f27398fd5778485a827d7a2817921f8540", "signature_version": "v1", "target": { "file": "libavformat/dxa.c", "function": "dxa_read_header" }, "digest": { "length": 2547.0, "function_hash": "156825548688141601058306595999969747915" }, "deprecated": false, "signature_type": "Function", "id": "CVE-2024-36613-87a3b507" }, { "source": "https://github.com/ffmpeg/ffmpeg/commit/50d8e4f27398fd5778485a827d7a2817921f8540", "signature_version": "v1", "target": { "file": "libavformat/dxa.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "19354352296333334409736982320068450952", "111532564721454683587158500601024460103", "78841884200820564070246950342625793320", "53617894850614730808238348823325094575" ] }, "deprecated": false, "signature_type": "Line", "id": "CVE-2024-36613-a1d87f1b" } ]