CVE-2021-38090

8.8 HIGH

📋 TL;DR

This integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. It affects systems using FFmpeg 4.2.1 for video processing. Applications that use FFmpeg libraries for video conversion or filtering are vulnerable.

💻 Affected Systems

Products:
  • FFmpeg
Versions: 4.2.1 specifically (commit 99f8d32129dd233d4eb2efa44678a0bc44869f23 fixes it)
Operating Systems: All platforms running FFmpeg
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using FFmpeg libraries for video processing is affected when the convolution filter is used.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise if the integer overflow enables memory corruption that can be weaponized.

🟠 Likely Case

Denial of service causing FFmpeg processes to crash when processing malicious video files.

🟢 If Mitigated

Process isolation limits impact to the FFmpeg service only, preventing system-wide compromise.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting a malicious video file that triggers the integer overflow in the filter16_roberts function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 99f8d32129dd233d4eb2efa44678a0bc44869f23 and later versions

Vendor Advisory: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/99f8d32129dd233d4eb2efa44678a0bc44869f23

Restart Required: Yes

Instructions:

1. Update FFmpeg to version 4.4 or later.
2. Rebuild any applications using FFmpeg libraries.
3. Restart services using FFmpeg.

🔧 Temporary Workarounds

Disable convolution filter (platforms: all)

Prevent use of the vulnerable filter16_roberts function by disabling convolution filter processing

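# Build FFmpeg without the filters; the ffmpeg command line has no 'convolution=disable' option
./configure --disable-filter=convolution --disable-filter=roberts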

🧯 If You Can't Patch

  • Isolate FFmpeg processes using containerization or sandboxing
  • Implement strict input validation for video files before processing

🔍 How to Verify

Check if Vulnerable:

Check FFmpeg version: ffmpeg -version | grep 'ffmpeg version'

Check Version:

ffmpeg -version | head -1

Verify Fix Applied:

Verify that the version is 4.4 or later, or check that the git history of the build's source tree includes commit 99f8d32129dd233d4eb2efa44678a0bc44869f23
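
The version check above, expanded into a script (an added example, not part of the original advisory or of FFmpeg's own tooling). It assumes release builds print "ffmpeg version X.Y..." and reports git snapshot banners as unknown; the function names, status strings, sample banner and sample filter list are constructed for illustration, and the `roberts` filter name is taken from FFmpeg's filter list rather than from this page.

```sh
#!/bin/sh
# Added example: classify an FFmpeg build against the fix version this page states (4.4).
# A distro package below 4.4 may carry a backported fix; the banner alone cannot show that.

# classify_banner "<first line of ffmpeg -version>" -> fixed | below-fix | unknown
classify_banner() (
    ver=$(printf '%s\n' "$1" | sed -n 's/^ffmpeg version \([^ ]*\).*/\1/p')
    ver=${ver#n}                      # some builds print release tags as n4.4
    major=${ver%%.*}
    case "$ver" in
        *.*) minor=${ver#*.}; minor=${minor%%[!0-9]*} ;;
        *)   minor=0 ;;
    esac
    # Git snapshots (N-<count>-g<hash>) and unparsable banners need a source-level commit check.
    case "$major" in ''|*[!0-9]*) echo unknown; exit 0 ;; esac
    case "$minor" in ''|*[!0-9]*) echo unknown; exit 0 ;; esac
    if [ "$major" -gt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -ge 4 ]; }; then
        echo fixed
    else
        echo below-fix
    fi
)

# has_filter "<output of ffmpeg -filters>" NAME -> exit 0 if the build registers filter NAME
has_filter() {
    printf '%s\n' "$1" | awk -v f="$2" '$2 == f { found = 1 } END { exit !found }'
}

# Constructed sample of `ffmpeg -filters` output, used when ffmpeg is not installed.
SAMPLE_FILTERS=' T.C convolution       V->V       Apply convolution filter.
 T.C roberts           V->V       Apply roberts cross operator to input video stream.
 ... scale             V->V       Scale the input video size.'

if command -v ffmpeg >/dev/null 2>&1; then
    banner=$(ffmpeg -version 2>/dev/null | head -n 1)
    filters=$(ffmpeg -hide_banner -filters 2>/dev/null)
else
    banner='ffmpeg version 4.2.1 Copyright (c) 2000-2019 the FFmpeg developers'  # constructed
    filters=$SAMPLE_FILTERS
fi
echo "version status: $(classify_banner "$banner")"
for f in convolution roberts; do
    if has_filter "$filters" "$f"; then echo "filter $f: present"; else echo "filter $f: absent"; fi
done
```

A result of "unknown" means the banner cannot answer the question and the source tree has to be checked for the fix commit instead.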

📡 Detection & Monitoring

Log Indicators:

  • FFmpeg process crashes
  • Segmentation fault errors in application logs
  • Unexpected termination of video processing services

Network Indicators:

  • Unusual video file uploads to processing services
  • Repeated failed video processing requests

SIEM Query:

source="*ffmpeg*" AND ("segmentation fault" OR "SIGSEGV" OR "crash")
