vulnerability

Debian: CVE-2025-7700: ffmpeg -- security update

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Jul 21, 2025

Added

Jul 21, 2025

Modified

Mar 30, 2026

Description

A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services and cause a denial of service.

Solution

debian-upgrade-ffmpeg

References

CVE-2025-7700
https://attackerkb.com/topics/CVE-2025-7700
CWE-476
DEBIAN-DSA-5985-1
EUVD-EUVD-2025-38295
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-38295

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report