CVE-2025-25473
Publication date 18 February 2025
Last updated 19 February 2025
Ubuntu priority
FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| ffmpeg | 24.10 oracular |
Needs evaluation
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| libav | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release |
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2025-25473
- https://trac.ffmpeg.org/ticket/11419
- https://git.ffmpeg.org/gitweb/ffmpeg.git/blobdiff/4f3c9f2f03378a08692a26532bc3146414717f8c..c08d300481b8ebb846cd43a473988fdbc6793d1b:/libavformat/avformat.c
- https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/c08d300481b8ebb846cd43a473988fdbc6793d1b