How to fix CVE-2025-1816?

Within 30 days: Identify affected systems running FFmpeg and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Suse affected by CVE-2025-1816?

Organizations using FFmpeg should be aware of moderate risk from CVE-2025-1816 rated CVSS 5.3. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

Suse CVE-2025-1816

MEDIUM

Memory Leak (CWE-401)

2025-03-02 [email protected]

Information Disclosure Suse

5.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Patch released

Apr 05, 2026 - 02:30 nvd

Patch available

Analysis Generated

Mar 28, 2026 - 18:29 vuln.today

CVE Published

Mar 02, 2025 - 14:15 nvd

MEDIUM 5.3

DescriptionNVD

A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommended to apply a patch to fix this issue.

AnalysisAI

A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Memory Leak (CWE-401), which allows attackers to exhaust available memory leading to denial of service. A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommended to apply a patch to fix this issue. Version information: up to 6.

Affected ProductsAI

See vendor advisory for affected versions.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Ensure all allocated memory is properly freed. Use RAII patterns or garbage-collected languages.

Vendor StatusVendor

CVE-2025-1816 vulnerability details – vuln.today

Back

Suse CVE-2025-1816

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Vendor StatusVendor

Share

Suse CVE-2025-1816

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Vendor StatusVendor

Share

External POC / Exploit Code