Double Free
CVE-2025-12343
Summary
A flaw was found in FFmpegs TensorFlow backend within the "libavfilter/dnn_backend_tf.c" source file. The issue occurs in the "dnn_execute_model_tf()" function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions. This affects ffmpeg versions 6.1 prior to 7.1.2.
- LOW
- LOCAL
- NONE
- UNCHANGED
- REQUIRED
- NONE
- NONE
- HIGH
CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Advisory Timeline
- Published
