The swri_audio_convert function in audioconvert.c in FFmpeg libswresample up to and including 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aubio aubio 0.4.6 |
||
ffmpeg ffmpeg 3.4.1 |
||
ffmpeg libswresample |