{"id":"JLSEC-2026-642","details":"A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions.","modified":"2026-06-26T20:30:03.794247356Z","published":"2026-06-26T20:24:16.337Z","upstream":["CVE-2025-12343"],"database_specific":{"sources":[{"database_specific":{"status":"Analyzed"},"url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-12343","modified":"2026-06-17T08:32:12.467Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12343","imported":"2026-06-26T19:19:07.673Z","id":"CVE-2025-12343","published":"2026-02-18T21:16:20.453Z"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-12343"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2406533"}],"affected":[{"package":{"name":"FFMPEG_jll","ecosystem":"Julia","purl":"pkg:julia/FFMPEG_jll?uuid=b22a6f82-2f65-5046-a5b2-351ab43fb4e5"},"ranges":[{"type":"SEMVER","events":[{"introduced":"6.1.1+0"},{"fixed":"8.1.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-642.json"}},{"package":{"name":"FFMPEG_nogpl_jll","ecosystem":"Julia","purl":"pkg:julia/FFMPEG_nogpl_jll?uuid=a6892c6b-5768-548c-b024-ff8dabf482c5"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"8.1.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-642.json"}},{"package":{"name":"FFplay_jll","ecosystem":"Julia","purl":"pkg:julia/FFplay_jll?uuid=c4dce911-e170-5107-8314-c7bdc6785395"},"ranges":[{"type":"SEMVER","events":[{"introduced":"7.1.0+0"},{"fixed":"8.1.2+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-642.json"}}],"schema_version":"1.7.5"}