cvedb.io
CVE-2017-1000460
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2018-01-03T20:29:00.220 · Last modified 2026-06-17T00:59:12.573

Summary

In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.

Affected products

libav — libav

Does this affect you?

Add your gear to cvedb and we'll alert you only when libav ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.