Vulnerability - CVE-2025-22919

Name

CVE-2025-22919

Source

NVD ( link)Debian ( link)

Description

A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file.

CWEs

CWE-617

Published Date

Feb 18, 2025

Updated Date

Jun 17, 2026

Workaround

Advisories

Analysis#

Affected Component

Analysis

ffmpeg

Patched

Vulnerability Ratings#

6.5

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

ffmpeg

buildroot

2025.02.x

6.1.5

Not Affected

ffmpeg

buildroot

master

6.1.5

Not Affected

ffmpeg

openwrt

master

6.1.4-r2

Not Affected

ffmpeg

openwrt

openwrt-25.12

6.1.4-r1

Not Affected

ffmpeg

yocto

master

8.1.1

Not Affected

ffmpeg

yocto

scarthgap

6.1.4

Not Affected

Resolved with patches#

ffmpeg (yocto:kirkstone)

Title

Author

Resolve

avfilter/buffersrc: check for valid sample rate

James Almer <jamrial@gmail.com>

CVE-2025-22919