CVE-2020-24995 – Buffer overflow vulnerability in sniff_channel_order function in aacdec_t

Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local).

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24995

Reference (s):

• http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f
• https://trac.ffmpeg.org/ticket/8845
• https://trac.ffmpeg.org/ticket/8859
• https://trac.ffmpeg.org/ticket/8860