{"id":9760,"date":"2025-08-05T12:52:05","date_gmt":"2025-08-05T12:52:05","guid":{"rendered":"http:\/\/localhost\/?p=9760"},"modified":"2025-08-05T12:52:05","modified_gmt":"2025-08-05T12:52:05","slug":"libav-avi-file-parser-bufferc-avbufferunref-null-pointer-dereference","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=9760","title":{"rendered":"libav AVI File Parser buffer.c av_buffer_unref null pointer dereference"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nlibav AVI File Parser buffer.c av_buffer_unref null pointer dereference<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-08-05T16:32:06.484Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-08-05T16:32:06.484Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nn\/a<\/td>\n<\/tr>\n
Product<\/th>\nlibav<\/td>\n<\/tr>\n
Version<\/th>\n12.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n4.8 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:L\/AC:L\/AT:N\/PR:L\/UI:N\/VC:N\/VI:N\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA null pointer dereference vulnerability in libav up to version 12.3 affects the AVI File Parser. This issue requires local access to exploit and was disclosed to the wrong project initially. The vulnerability impacts products that are no longer supported.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nFFmpeg Project<\/td>\n<\/tr>\n
AI Product<\/th>\nlibav<\/td>\n<\/tr>\n
AI Version<\/th>\n12.0, 12.1, 12.2, 12.3<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n