CVE-2025-10256
Received Received - Intake
NULL Pointer Dereference in FFmpeg Firequalizer Filter Causes DoS

Publication date: 2026-02-18

Last updated on: 2026-02-26

Assigner: Fedora Project

Description
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-18
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2026-02-18
EPSS Evaluated
2026-06-15
NVD
CVE-2025-10256
EUVD
EUVD-2025-207798
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ffmpeg ffmpeg From 3.2 (inc) to 8.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "This vulnerability is a NULL pointer dereference in FFmpeg's Firequalizer audio filter. It occurs because the code does not check if memory allocation via av_malloc_array() succeeds in the config_input() function. If the allocation fails and returns NULL, the program attempts to use this NULL pointer, causing a crash."}, {'type': 'paragraph', 'content': 'An attacker can exploit this by tricking a user into processing a specially crafted media file with the Firequalizer filter enabled, which triggers the NULL pointer dereference and causes the application to crash.'}] [1, 3]

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS). When exploited, the application using FFmpeg with the Firequalizer filter enabled can crash unexpectedly due to the NULL pointer dereference.

This can disrupt services or applications that rely on FFmpeg for media processing, potentially causing downtime or interruption of media-related functionality.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by monitoring for crashes or denial of service events in applications using the FFmpeg Firequalizer filter when processing media files. Additionally, the presence of the vulnerable FFmpeg version with the affected Firequalizer filter can be checked.

To detect if your FFmpeg build is vulnerable, you can check the version or inspect if the patch that adds the NULL pointer check (commit a25462482c02c004d685a8fcf2fa63955aaa0931) is applied.

Suggested commands include:

  • Check FFmpeg version: `ffmpeg -version`
  • Check if the Firequalizer filter is present: `ffmpeg -filters | grep firequalizer`
  • Test processing a crafted media file with the Firequalizer filter enabled and monitor for crashes or errors.
  • If you have source code access, verify if the patch adding the NULL pointer check to av_malloc_array() in af_firequalizer.c is applied.
Mitigation Strategies

The immediate mitigation step is to update FFmpeg to a version that includes the patch fixing the NULL pointer dereference in the Firequalizer filter.

This patch adds a check on the return value of av_malloc_array() to prevent dereferencing a NULL pointer, which avoids crashes and denial of service.

If updating is not immediately possible, avoid processing untrusted or crafted media files with the Firequalizer filter enabled.

Additionally, consider disabling or removing the Firequalizer filter from your FFmpeg usage until the fix is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-10256. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart