CVE-2025-57612
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2025-09-10

Assigner: MITRE

Description
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference vulnerability in the name() method allows an attacker to cause a denial of service. The vulnerability exists because the method fails to check for a NULL return value from the av_get_sample_fmt_name() C function, which can be triggered by providing an unrecognized sample format.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2025-09-10
Generated
2026-06-16
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-15
NVD
CVE-2025-57612
EUVD
EUVD-2025-26412
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
meh.schizofreni rust-ffmpeg 0.3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a null pointer dereference in the name() method of rust-ffmpeg 0.3.0. It occurs because the method does not check if the av_get_sample_fmt_name() C function returns NULL when given an unrecognized sample format. This can cause the program to crash.

Impact Analysis

An attacker can exploit this vulnerability to cause a denial of service by crashing the application using rust-ffmpeg 0.3.0, potentially disrupting service availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-57612. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart