CVE-2024-35368 | THREATINT

Description

FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.

PUBLISHED Reserved 2024-05-17 | Published 2024-11-29 | Updated 2025-11-03 | Assigner mitre

References

lists.debian.org/debian-lts-announce/2025/02/msg00000.html

github.com/...ommit/4513300989502090c4fd6560544dce399a8cd53c

github.com/FFmpeg/FFmpeg/blob/n7.0/libavcodec/rkmppdec.c

gist.github.com/1047524396/7e6e47220ae2b2d2fb4611f0d8a31ec5

cve.org (CVE-2024-35368)

nvd.nist.gov (CVE-2024-35368)

help @ threatint.eu