UBUNTU-CVE-2025-1373

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-1373
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-1373.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-1373
Related
Published
2025-02-17T04:15:00Z
Modified
2025-06-05T17:08:02Z
Severity
  • 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function movreadtrak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue.

References

Affected packages

Ubuntu:Pro:14.04:LTS / libav

Package

Name
libav
Purl
pkg:deb/ubuntu/libav@6:9.20-0ubuntu0.14.04.1+esm1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6:0.*

6:0.8.7-1ubuntu2

6:9.*

6:9.10-1ubuntu1
6:9.10-1ubuntu2
6:9.10-1ubuntu5
6:9.10-1ubuntu6
6:9.10-1ubuntu7
6:9.11-2ubuntu1
6:9.11-2ubuntu2
6:9.13-0ubuntu0.14.04.1
6:9.14-0ubuntu0.14.04.1
6:9.16-0ubuntu0.14.04.1
6:9.18-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1
6:9.20-0ubuntu0.14.04.1+esm1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / ffmpeg

Package

Name
ffmpeg
Purl
pkg:deb/ubuntu/ffmpeg@7:7.1.1-1ubuntu1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7:7.1.1-1ubuntu1

Affected versions

7:7.*

7:7.0.2-3ubuntu1
7:7.1-3ubuntu1
7:7.1-3ubuntu2
7:7.1-3ubuntu3
7:7.1-4ubuntu1
7:7.1-4ubuntu2

Ecosystem specific 

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "ffmpeg"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "ffmpeg-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "ffmpeg-doc"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec-extra"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec-extra61"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec-extra61-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec61"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavcodec61-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavdevice-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavdevice61"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavdevice61-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter-extra"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter-extra10"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter-extra10-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter10"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavfilter10-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat-extra"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat-extra61"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat-extra61-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat61"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavformat61-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavutil-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavutil59"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libavutil59-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libpostproc-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libpostproc58"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libpostproc58-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswresample-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswresample5"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswresample5-dbgsym"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswscale-dev"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswscale8"
        },
        {
            "binary_version": "7:7.1.1-1ubuntu1",
            "binary_name": "libswscale8-dbgsym"
        }
    ]
}