CVE-2024-35368: FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec...

CVSS Score: 9.8 (version 3.1)

Basic Information

EPSS Score: 0.40973%
Published: 11/29/2024
Updated: 12/2/2024
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Intelligence
Root Cause Analysis

The vulnerability description and the commit message explicitly state that the `rkmpp_retrieve_frame` function in `libavcodec/rkmppdec.c` is affected by a double-free vulnerability. The provided patch, obtained via `get_commit_infos`, modifies this function to correct the error handling that led to the double free. Specifically, the patch adds a call to `av_frame_unref(frame)` before returning an error in the case where the `frame->hw_frames_ctx` allocation fails. This ensures that resources held by `frame` (which, per the commit message, may already have been assigned to `frame->buf[0]` before this check) are released exactly once. Without the call, those resources could be freed again by other cleanup mechanisms or when `frame` is unreferenced later, which was the cause of the double free.
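A simplified model of the error path described above, added here as an illustration; it is not FFmpeg's code and not the patch itself. The struct and function names are hypothetical, releases are counted rather than freed, and the shape of the unpatched cleanup (a manual release while the frame still owns the resource) is an assumption drawn from the description.

```c
#include <stdio.h>

/* Simplified model, not FFmpeg code: every name below is hypothetical. */
typedef struct { int release_count; } Resource; /* stands in for the decoder's frame data */
typedef struct { Resource *owned; } Frame;      /* stands in for frame->buf[0] ownership */

/* Counts releases instead of calling free(), so a double release is observable. */
static void resource_release(Resource *r) { r->release_count++; }

/* Like av_frame_unref: drop the reference, releasing what the frame owns once. */
static void frame_unref(Frame *f) {
    if (f->owned) { resource_release(f->owned); f->owned = NULL; }
}

/* Models the retrieve path; ctx_alloc_ok simulates the hw_frames_ctx allocation. */
static int retrieve_frame(Frame *f, Resource *r, int ctx_alloc_ok, int patched) {
    f->owned = r;                  /* ownership of r moves into the frame's buffer */
    if (!ctx_alloc_ok) {
        if (patched) {
            frame_unref(f);        /* fix: release through the owner, then return */
            return -1;
        }
        resource_release(r);       /* assumed bug shape: manual cleanup, f->owned still set */
        return -1;
    }
    return 0;
}

/* One failing call followed by the caller's usual unref; returns total releases. */
int releases_on_alloc_failure(int patched) {
    Resource r = {0};
    Frame f = {0};
    retrieve_frame(&f, &r, 0, patched);
    frame_unref(&f);               /* caller cleans up the frame after the error */
    return r.release_count;
}

/* Success path for comparison: the caller's unref is the only release. */
int releases_on_success(void) {
    Resource r = {0};
    Frame f = {0};
    retrieve_frame(&f, &r, 1, 1);
    frame_unref(&f);
    return r.release_count;
}

int main(void) {
    printf("unpatched failure path: %d releases\n", releases_on_alloc_failure(0));
    printf("patched failure path:   %d releases\n", releases_on_alloc_failure(1));
    return 0;
}
```

A release count of 2 on the unpatched path corresponds to the double free; the patched path and the success path both release once.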
