CVE-2023-50010: n/a in n/a
FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.
AI Analysis
Technical Summary
CVE-2023-50010 is a high-severity buffer over-read vulnerability in FFmpeg, located in the function ff_gradfun_blur_line_movdqa_sse2, which is part of the video processing routines. It is triggered via a call to the set_encoder_id function in fftools/ffmpeg_enc.c. A buffer over-read occurs when a program reads past the end of an allocated buffer, potentially leading to information disclosure, application crashes, or arbitrary code execution depending on the context. The vulnerability affects FFmpeg versions around the commit identified as v.n6.1-3-g466799d4f5.
The CVSS 3.1 score of 7.8 indicates high severity: the attack vector is local (AV:L), attack complexity is low (AC:L), low privileges are required (PR:L), and no user interaction is needed (UI:N). The impact on confidentiality, integrity, and availability is rated high (C:H/I:H/A:H), meaning exploitation could lead to significant compromise of system security. The vulnerability is classified under CWE-120 (Classic Buffer Overflow), a common and dangerous class of memory corruption bugs.
No public exploits are currently known, and no patches have been linked yet, so mitigation may require monitoring for official updates from FFmpeg. Given FFmpeg's widespread use in multimedia processing, streaming services, and embedded devices, this vulnerability could be exploited by local users or processes to escalate privileges or cause denial of service.
Potential Impact
For European organizations, the impact of CVE-2023-50010 can be substantial due to FFmpeg's extensive use in media-related applications, content delivery networks, broadcasting, and video conferencing platforms. Exploitation could lead to unauthorized access to sensitive media data, disruption of multimedia services, or compromise of systems that rely on FFmpeg for encoding and decoding tasks. Industries such as media production, telecommunications, and any enterprise using video processing pipelines are at risk. The local attack vector suggests that attackers need some level of access to the target system, which could be achieved through compromised user accounts or malicious insiders. The high impact on confidentiality, integrity, and availability means that successful exploitation could result in data leaks, corrupted media content, or service outages, potentially affecting compliance with data protection regulations like GDPR. Additionally, embedded devices and IoT products using FFmpeg in Europe may be vulnerable, increasing the attack surface.
Mitigation Recommendations
European organizations should implement the following specific mitigations:
1) Inventory all systems and applications using FFmpeg, including embedded devices and third-party software that bundles FFmpeg libraries.
2) Restrict local access to systems running vulnerable FFmpeg versions by enforcing strict user privilege management and monitoring for unusual local activity.
3) Employ application whitelisting and sandboxing techniques to limit the impact of potential exploitation.
4) Monitor vendor channels and security advisories for official patches or updates addressing CVE-2023-50010 and apply them promptly once available.
5) Use runtime protection tools such as memory safety mitigations (e.g., ASLR, DEP) and exploit detection systems to reduce the risk of buffer over-read exploitation.
6) Conduct security testing and code audits on custom FFmpeg integrations to identify and remediate unsafe usage patterns.
7) For critical multimedia infrastructure, consider isolating FFmpeg processing in dedicated environments to contain potential compromises.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2023-12-04T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6842ede271f4d251b5c8819b
Added to database: 6/6/2025, 1:32:18 PM
Last enriched: 7/7/2025, 7:41:26 PM
Last updated: 8/15/2025, 2:40:53 AM