CVE-2020-13904 : Exploit Details and Defense Strategies

Learn about CVE-2020-13904, a use-after-free vulnerability in FFmpeg 2.8 and 4.2.3 due to crafted EXTINF duration in m3u8 files. Find out the impact, affected systems, exploitation, and mitigation steps.

FFmpeg 2.8 and 4.2.3 have a use-after-free vulnerability triggered by a crafted EXTINF duration in an m3u8 file. An attacker exploits it by supplying a specially manipulated playlist file.

Understanding CVE-2020-13904

This CVE involves a use-after-free vulnerability in FFmpeg versions 2.8 and 4.2.3, impacting the handling of EXTINF duration in m3u8 files.

What is CVE-2020-13904?

CVE-2020-13904 is a use-after-free vulnerability in FFmpeg versions 2.8 and 4.2.3, triggered by manipulating the EXTINF duration in an m3u8 file. The issue arises from improper handling of pointers in the code.

The Impact of CVE-2020-13904

This vulnerability allows an attacker to execute arbitrary code or cause a denial of service (DoS) by exploiting the use-after-free condition in FFmpeg. By crafting a malicious m3u8 file, an attacker can trigger the vulnerability and potentially compromise the system.

Technical Details of CVE-2020-13904

FFmpeg 2.8 and 4.2.3 are affected by a use-after-free vulnerability that can be exploited through a crafted EXTINF duration in an m3u8 file.

Vulnerability Description

The vulnerability occurs in the parse_playlist function in libavformat/hls.c, where a pointer is freed and later accessed in av_probe_input_format3 in libavformat/format.c.

Affected Systems and Versions

        FFmpeg 2.8
        FFmpeg 4.2.3

Exploitation Mechanism

        Craft a malicious m3u8 file with a specific EXTINF duration
        Exploit the use-after-free condition to execute arbitrary code or trigger a DoS

Mitigation and Prevention

To address CVE-2020-13904, follow these mitigation strategies:

Immediate Steps to Take

        Update FFmpeg to a patched version
        Avoid opening untrusted m3u8 files
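
The screen below is an added example, not code from FFmpeg or from this advisory: it checks every EXTINF duration in an untrusted m3u8 playlist before the file is handed to FFmpeg. The advisory does not say which duration values trigger the flaw, so the strict-decimal rule and the one-hour MAX_SEGMENT_SECONDS bound are assumed policy, and both sample playlists are constructed.

```python
import re

# Assumed policy bound (not from the advisory): reject segments longer than one hour.
MAX_SEGMENT_SECONDS = 3600.0
# "#EXTINF:<duration>[,<title>]" as used in HLS media playlists.
EXTINF_RE = re.compile(r"^#EXTINF:([^,]*)(?:,.*)?$")
# Plain decimal only: no sign, exponent, hex, "nan" or "inf".
DECIMAL_RE = re.compile(r"^\d{1,10}(?:\.\d{1,9})?$")

# Constructed sample playlists (not taken from any real stream or exploit).
GOOD = "#EXTM3U\n#EXT-X-TARGETDURATION:10\n#EXTINF:9.009,\nseg0.ts\n#EXTINF:10,\nseg1.ts\n"
BAD = "#EXTM3U\n#EXTINF:-5,\na.ts\n#EXTINF:1e40,\nb.ts\n#EXTINF:86400.0,\nc.ts\n#EXTINF:nan,\nd.ts\n"


def screen_playlist(text):
    """Return (line_number, reason) findings; an empty list means nothing was flagged."""
    findings = []
    lines = text.splitlines()
    if not lines or lines[0].strip().lstrip("\ufeff") != "#EXTM3U":
        findings.append((1, "missing #EXTM3U header"))
    for number, raw in enumerate(lines, start=1):
        line = raw.strip()
        if not line.startswith("#EXTINF"):
            continue
        match = EXTINF_RE.match(line)
        if match is None:
            findings.append((number, "malformed EXTINF tag"))
            continue
        value = match.group(1).strip()
        if not DECIMAL_RE.match(value):
            findings.append((number, "duration is not a plain decimal"))
        elif float(value) > MAX_SEGMENT_SECONDS:
            findings.append((number, "duration exceeds policy bound"))
    return findings


if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, screen_playlist(sample))
```

A playlist that passes this screen is only less likely to carry an abnormal duration; the screen reduces exposure and does not replace updating FFmpeg.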

Long-Term Security Practices

        Regularly update software and libraries
        Implement code reviews and security testing in development processes

Patching and Updates

        Apply the latest security patches for FFmpeg
