Vulnerability Details : CVE-2017-14222
In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MOV file, which claims a large "item_count" field in the header but does not contain sufficient backing data, is provided, the loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.
Vulnerability category: Denial of service
Products affected by CVE-2017-14222
- cpe:2.3:a:ffmpeg:ffmpeg:3.3.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-14222
0.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-14222
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST | |
|
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2017-14222
-
The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-14222
-
http://www.securityfocus.com/bid/100701
FFmpeg 'libavformat/mov.c' Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://github.com/FFmpeg/FFmpeg/commit/9cb4eb772839c5e1de2855d126bf74ff16d13382
avformat/mov: Fix DoS in read_tfra() · FFmpeg/FFmpeg@9cb4eb7 · GitHubIssue Tracking;Patch;Third Party Advisory
-
http://www.debian.org/security/2017/dsa-3996
Debian -- Security Information -- DSA-3996-1 ffmpeg
Jump to