FFmpeg Frame Packet Memory Corruption
CVE-2024-38413 Published on February 3, 2025
Improper Input Validation in Computer Vision
Memory corruption while processing frame packets.
Vulnerability Analysis
CVE-2024-38413 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity, and a small impact on availability.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2024-38413
Want to know whenever a new CVE is published for FFmpeg? stack.watch will email you.
Affected Versions
Qualcomm, Inc. Snapdragon:- Version FastConnect 7800 is affected.
- Version Snapdragon 8 Gen 3 Mobile Platform is affected.
- Version WCD9390 is affected.
- Version WCD9395 is affected.
- Version WSA8840 is affected.
- Version WSA8845 is affected.
- Version WSA8845H is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.