CVE-2025-8584 | libav up to 12.3 AVI File Parser libavutil/buffer.c av_buffer_unref null pointer dereference (ID 11679 / Nessus ID 253412)
A vulnerability categorized as problematic has been discovered in libav up to 12.3. This vulnerability affects the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation results in null pointer dereference. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is identified as CVE-2025-8584. The attack is only possible with local access. Additionally, an exploit exists.
The bug was initially reported by the researcher to the wrong project.