Hole in widely-used FFmpeg codec could crash media servers or enable RCE | CSO Online
https://www.csoonline.com/article/4188531/hole-in-widely-used-ffmpeg-codec-could-crash-media-servers-or-enable-rce.htmlOpen linkView original on sh.itjust.workshttps://www.csoonline.com/article/4188531/hole-in-widely-used-ffmpeg-codec-could-crash-media-servers-or-enable-rce.htmlOpen linkView original on sh.itjust.works
Don't see it on here, but anther article I read said it requires ASLR to be disabled to be exploited. So unless you're messing with those values manually, I don't imagine many people are at major risk here. Unless that other article was wrong lol. Can't figure out where I read that so I don't have a source, sorry!
Good thing I already crashed mine! /s
Okay, did the researcher patch it? Or just throw shade at a hobbyist project?
I dunno if "hobbyist" is the right characterization for FFmpeg. This issue is fixed, though.