Skip to main content

EUVDEUVD-2026-21976

| CVE-2026-30999 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-04-13 mitre GHSA-jj28-p98r-mwqj
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
SUSE
HIGH
qualitative
Red Hat
5.3 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

7
Patch released
Apr 19, 2026 - 02:30 nvd
Patch available
Re-analysis Queued
Apr 17, 2026 - 15:52 vuln.today
cvss_changed
Analysis Generated
Apr 15, 2026 - 12:30 vuln.today
CVSS changed
Apr 13, 2026 - 20:22 NVD
7.5 (None) 7.5 (HIGH)
EUVD ID Assigned
Apr 13, 2026 - 15:15 euvd
EUVD-2026-21976
Analysis Generated
Apr 13, 2026 - 15:15 vuln.today
CVE Published
Apr 13, 2026 - 00:00 nvd
HIGH 7.5

DescriptionCVE.org

A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

AnalysisAI

Heap buffer overflow in FFmpeg 8.0.1's av_bprint_finalize() function enables remote denial-of-service attacks through maliciously crafted media files. Exploitation requires no authentication (CVSS AV:N/AC:L/PR:N/UI:N), making this accessible to any network-based attacker who can deliver manipulated input to vulnerable FFmpeg instances. EPSS score of 0.04% (12th percentile) indicates low observed exploitation probability, and no public exploit code or active exploitation has been identified at time of analysis. While CVSS rates this 7.5 HIGH due to availability impact, real-world risk is primarily limited to public-facing media processing services.

Technical ContextAI

This vulnerability exploits a heap-based buffer overflow (CWE-122) in FFmpeg's av_bprint_finalize() function, which is part of FFmpeg's dynamic string buffer implementation used throughout the codebase for string operations. The affected code appears in the zmqsend.c utility component based on reference links. Heap buffer overflows occur when data is written beyond allocated heap memory boundaries, typically due to improper bounds checking during string operations. In FFmpeg's case, the av_bprint family of functions manages dynamically growing string buffers; a flaw in the finalize operation could allow attacker-controlled input to overflow allocated heap space. FFmpeg is a widely-deployed multimedia framework used for video/audio encoding, decoding, transcoding, streaming, and playback across desktop applications, web services, embedded systems, and command-line tools. The vulnerability specifically affects version 8.0.1, though CPE data limitations prevent comprehensive version range mapping.

RemediationAI

Upgrade FFmpeg to a patched version newer than 8.0.1 immediately for internet-facing or untrusted-input processing deployments. Consult the official FFmpeg download page at https://www.ffmpeg.org/download.html for the latest stable release incorporating this fix. As of this analysis, specific patched version numbers are not confirmed in available data sources; verify with FFmpeg security advisories or release notes which version addresses CVE-2026-30999. For environments unable to upgrade immediately, implement input validation and sanitization to reject malformed media files before FFmpeg processing, deploy rate limiting on media processing endpoints to mitigate DoS impact, isolate FFmpeg processing in sandboxed containers or VMs with resource limits, and monitor for abnormal process crashes indicating exploitation attempts. Review the technical details at https://excellent-oatmeal-319.notion.site/CVE-2026-30999-Memory-Leak-e0d88ac53e2e42c1b5ef9aa3497e27b6 and examine the vulnerable source code at https://github.com/FFmpeg/FFmpeg/blob/master/tools/zmqsend.c to understand attack surface.

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Desktop Applications 15 SP7 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP7 Fixed

Share

EUVD-2026-21976 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy