{"id":"CVE-2023-50007","details":"FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.","modified":"2026-04-16T04:38:27.988883604Z","published":"2024-04-19T17:15:51.957Z","related":["CGA-3q7c-r2ww-2g7r","openSUSE-SU-2024:13908-1","openSUSE-SU-2024:13909-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/"},{"type":"REPORT","url":"https://trac.ffmpeg.org/ticket/10700"},{"type":"FIX","url":"https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"47ac3e60653da651dfa064b649d0ac297560d8d5"},{"fixed":"083443d67cb159ce469e5d902346b8d0c2cd1c93"},{"fixed":"b1942734c7cbcdc9034034373abcc9ecb9644c47"}],"database_specific":{"versions":[{"introduced":"6.1"},{"fixed":"7.0"}]}}],"versions":["n6.1-dev","n6.2-dev"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-50007.json","vanir_signatures":[{"source":"https://github.com/ffmpeg/ffmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47","signature_version":"v1","signature_type":"Function","id":"CVE-2023-50007-4ff29af5","deprecated":false,"target":{"file":"libavfilter/af_afwtdn.c","function":"activate"},"digest":{"length":643,"function_hash":"181614323969489658019585350627741133558"}},{"source":"https://github.com/ffmpeg/ffmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47","target":{"file":"libavfilter/af_afwtdn.c","function":"filter_frame"},"signature_type":"Function","signature_version":"v1","deprecated":false,"id":"CVE-2023-50007-d29effb8","digest":{"length":2327,"function_hash":"194196606249101145237812097786065229552"}},{"source":"https://github.com/ffmpeg/ffmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47","signature_version":"v1","signature_type":"Line","id":"CVE-2023-50007-eae23747","deprecated":false,"target":{"file":"libavfilter/af_afwtdn.c"},"digest":{"line_hashes":["256383094265060240156948900737143591617","239347563569898969959451743424459834275","60246588840940230203212478612866994676","255612220992236712680783968945042273627","37478486320268761137589523886104082737","87944451254267186947504695346494804476","138624066529155671520591506531666957866","176342322629154996601096577449890477507","63009603503843421436932402589886112148","6896424656035020089779474523231566771","20353768670678032153684551012856480673","91946390479487423430629614948642213287","195813099162690949272844169896068589422","29923810499467717073780449084998624967","225354364968938761620162072822458320339","23739168097490545349406606782230993044","162575045180914450421635980989105855741","106477475894218096134488518209912446841","243902556303715510894175438763062543176","4087121597095718537923097068971671403","56448725330630990852245233062099517482","323942821091690611442776479184049158384","231325574231017710393526335250878094174","133314110427805821325442026764687703808","106203543345719716387509226095460372505","174879309391940369358026548977819048439","319812360811419520247807597237622893581"],"threshold":0.9}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"39"}]},{"events":[{"introduced":"0"},{"last_affected":"40"}]}],"vanir_signatures_modified":"2026-04-12T06:44:56Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}