Skip to main content

Excessive Iteration


Severity Medium
Score 6.5/10


In FFmpeg prior to 2.4.14, 2.5.x prior to 2.8.13, 3.0.x prior to 3.0.10, 3.1-dev prior to 3.1.11, 3.2.x prior to 3.2.8, 3.3.x prior to 3.3.4, and 3.4-dev a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large "duration" field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.

  • LOW
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-834 - Excessive Iteration

The software performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

Advisory Timeline

  • Published