CVE-2025-12343 (CNNVD-202510-3638)
中文标题:
FFmpeg 安全漏洞
英文标题:
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file.
漏洞描述
中文描述:
FFmpeg是FFmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg存在安全漏洞,该漏洞源于libavfilter/dnn_backend_tf.c源文件中dnn_execute_model_tf函数在某些错误处理路径中多次释放任务对象,可能导致双重释放,造成拒绝服务。
英文描述:
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions.
CWE类型:
标签:
受影响产品
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CNNVD | cnnvd_CNNVD-202510-3638 |
2025-11-11 15:13:00 | 2025-11-11 08:00:19 |
| NVD | nvd_CVE-2025-12343 |
2026-02-19 02:00:04 | 2026-02-18 22:00:02 |
| CVE | cve_CVE-2025-12343 |
2026-02-20 03:16:55 | 2026-02-19 22:00:01 |
版本与语言
安全公告
变更历史
查看详细变更
- data_sources: ['cnnvd', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- title_en: FFmpeg 安全漏洞... -> A flaw was found in FFmpeg’s TensorFlow backend wi...
- description_en: FFmpeg是FFmpeg团队的一套可录制、转换以及流化音视频的完整解决方案。 FFmpeg存在安全... -> A flaw was found in FFmpeg’s TensorFlow backend wi...
- references_count: 0 -> 2
- data_sources: ['cnnvd'] -> ['cnnvd', 'nvd']