CVE-2025-10256 is a NULL pointer dereference vulnerability identified in the Firequalizer audio filter component of FFmpeg, specifically in the source file libavfilter/af_firequalizer.c. The root cause is a missing validation of the return value from av_malloc_array() within the config_input() function. When av_malloc_array() fails and returns NULL, the subsequent code attempts to dereference this NULL pointer, leading to a crash of the application. This vulnerability can be triggered by an attacker who crafts a specially designed media file that, when processed with the Firequalizer filter enabled, causes the application to dereference the NULL pointer. The result is a denial of service (DoS) condition due to application crash. The vulnerability affects FFmpeg version 3.2. The CVSS v3.1 base score is 5.3, reflecting a medium severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and impact limited to availability (A:L) without affecting confidentiality or integrity. No patches or exploits are currently documented, but the vulnerability is publicly known and published as of February 18, 2026.

The primary impact of CVE-2025-10256 is a denial of service caused by application crashes when processing maliciously crafted media files with the Firequalizer filter enabled. This can disrupt media processing workflows, streaming services, or any application relying on FFmpeg 3.2 for audio filtering. The vulnerability does not compromise data confidentiality or integrity but can cause service outages, potentially affecting user experience and operational continuity. Organizations that automate media transcoding, streaming, or editing using vulnerable FFmpeg versions are at risk of unexpected downtime. Since exploitation requires no privileges or user interaction, attackers can remotely trigger crashes simply by delivering crafted media files, increasing the threat surface. However, the absence of known exploits in the wild suggests limited active exploitation at this time.

To mitigate CVE-2025-10256, organizations should upgrade FFmpeg to a version where this vulnerability is patched; if no official patch is available, consider backporting the fix by adding proper NULL checks on av_malloc_array() return values in the Firequalizer filter code. As an immediate workaround, disable the Firequalizer filter in media processing pipelines if feasible, especially when processing untrusted media files. Implement input validation and media file sanitization to detect and reject suspicious or malformed audio files before processing. Employ application-level monitoring to detect crashes or abnormal terminations related to FFmpeg processes and automate restarts or alerts. Network-level controls such as filtering or sandboxing media processing services can limit exposure to crafted files from untrusted sources. Finally, maintain updated threat intelligence to respond promptly if exploitation attempts emerge.