FFmpeg could be made to crash if it opened a specially crafted
file.
Software Description:
- ffmpeg: Tools for transcoding, streaming and playing of multimedia files
Details:
It was discovered that FFmpeg incorrectly handled memory allocation in the
ALS audio decoder. If a user was tricked into loading a crafted media file,
a remote attacker could possibly use this issue to make FFmpeg crash,
resulting in a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 ffmpeg 7:7.1.1-1ubuntu4.1 libavcodec61 7:7.1.1-1ubuntu4.1 libavformat61 7:7.1.1-1ubuntu4.1 Ubuntu 25.04 ffmpeg 7:7.1.1-1ubuntu1.3 libavcodec61 7:7.1.1-1ubuntu1.3 libavformat61 7:7.1.1-1ubuntu1.3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7871-1
CVE-2025-7700
Get the latest Linux and open source security news straight to your inbox.