CRITICAL🇵🇱 Wersja polska

CVE-2024-22860

CVSS 9.8v3.1pub. 2024-01-27upd. 2025-08-11

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

🤖 AI Analysis
How it works

The vulnerability lies in the jpegxl_anim_read_packet component responsible for reading animation packets in JPEG XL format. Due to integer overflow (CWE-190), incorrect buffer size or memory index calculation occurs. An attacker can remotely send a crafted multimedia file that triggers this error during processing, potentially leading to out-of-bounds buffer write and arbitrary code execution.

Impact

An attacker can gain full control over the system running the vulnerable FFmpeg — including confidentiality, integrity, and availability of data are completely compromised (CVSS scores C:H/I:H/A:H).

Mitigation & patch

FFmpeg should be updated to version n6.1 or later. The patch is available in the project repository (commit d2e8974699a9e35cc1a926bf74a972300d629cd5). If immediate update is not possible, processing of JPEG XL files from untrusted sources should be restricted.

Who is affected

FFmpeg in versions prior to n6.1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ffmpeg

    APP
    Ffmpeg
    6.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-35368CRITICAL9.8PL ✓ten sam produkt

Double Free w FFmpeg — podatność w dekoderze RKMPP (libavcodec)

CVE-2024-35366CRITICAL9.1PL ✓ten sam produkt

FFmpeg: Integer Overflow w parse_options (sbgdec.c) — moduł libavformat

CVE-2024-35367CRITICAL9.1PL ✓ten sam produkt

FFmpeg: Out-of-bounds Read w dekoderze VP8 na architekturze PowerPC (AltiVec)

CVE-2024-31581CRITICAL9.8PL ✓ten sam produkt

FFmpeg: nieprawidłowa walidacja indeksu tablicy w dekodowaniu H.266

CVE-2024-22862CRITICAL9.8PL ✓ten sam produkt

Integer overflow w FFmpeg — RCE przez parser JPEG XL