CVE-2023-51793

Published: Apr 19, 2024Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

Affected (13)

Products: Ffmpeg: Ffmpeg

1 product

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Ffmpeg Ffmpeg	Version 7.0.1
Ffmpeg Ffmpeg	Version 7.0.2
Ffmpeg Ffmpeg	Version 7.0.3
Ffmpeg Ffmpeg	Version 7.0
Ffmpeg Ffmpeg	Version 7.1.1
Ffmpeg Ffmpeg	Version 7.1.2
Ffmpeg Ffmpeg	Version 7.1.3
Ffmpeg Ffmpeg	Version 7.1
Ffmpeg Ffmpeg	Version 7.1 dev
Ffmpeg Ffmpeg	Version 7.2 dev
Ffmpeg Ffmpeg	Version 8.0.1
Ffmpeg Ffmpeg	Version 8.0
Ffmpeg Ffmpeg	Version 8.1 dev

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (12)

https://ffmpeg.org/

Source: cve@mitre.org

Product

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Source: cve@mitre.org

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

Source: cve@mitre.org

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Source: cve@mitre.org

Mailing List

https://trac.ffmpeg.org/ticket/10743

Source: cve@mitre.org

Issue Tracking

https://ffmpeg.org/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://trac.ffmpeg.org/ticket/10743

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

Timeline

No history available yet.