The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted Apple Lossless Audio Codec (ALAC) data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ffmpeg | Ffmpeg | * | 2.7.1 |