CVE-2025-12343

{"id": "CVE-2025-12343", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-12343", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-25T18:15:43.587630Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "affected": [{"source": "patrick@puiterwijk.org", "affectedData": [{"versions": [{"status": "affected", "version": "6.1", "lessThan": "8.1", "versionType": "semver"}], "packageName": "ffmpeg", "collectionURL": "https://github.com/FFmpeg/FFmpeg", "defaultStatus": "unaffected"}]}], "published": "2026-02-18T21:16:20.453", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-12343", "tags": ["Third Party Advisory"], "source": "patrick@puiterwijk.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406533", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "patrick@puiterwijk.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "patrick@puiterwijk.org", "description": [{"lang": "en", "value": "CWE-415"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in FFmpeg\u2019s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en el backend de TensorFlow de FFmpeg dentro del archivo fuente libavfilter/dnn_backend_tf.c. El problema ocurre en la funci\u00f3n dnn_execute_model_tf(), donde un objeto de tarea se libera m\u00faltiples veces en ciertas rutas de manejo de errores. Esta desasignaci\u00f3n de memoria redundante puede llevar a una condici\u00f3n de doble liberaci\u00f3n, lo que podr\u00eda causar que FFmpeg o cualquier aplicaci\u00f3n que lo use se bloquee al procesar modelos DNN basados en TensorFlow. Esto resulta en un escenario de denegaci\u00f3n de servicio, pero no permite la ejecuci\u00f3n de c\u00f3digo arbitrario bajo condiciones normales."}], "lastModified": "2026-06-17T08:32:12.467", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A525AFEB-C7C8-4310-A4D1-B776ABEFC206", "versionEndExcluding": "8.1", "versionStartIncluding": "6.1"}], "operator": "OR"}]}], "sourceIdentifier": "patrick@puiterwijk.org"}